Servizio Comunitario di Informazione in materia di Ricerca e Sviluppo - CORDIS

FP5

SECURE Sintesi della relazione

Project ID: IST-2001-32486
Finanziato nell'ambito di: FP5-IST
Paese: Switzerland

Trust-based email SPAM filter application

A SPAM filter was the main application developed over the SECURE framework. Each user has an email client that is configured to use an IMAP and SMTP proxy. The role of the proxy is to interpose on messages received from the server, and to declare the message as SPAM or as valid, based on a SECURE decision. Each SPAM message detected by the SECURE framework is marked. This is done through the addition of a message header field X-Spam-Value. The email client employs a filter to send SPAM messages to a special folder.

In this application, a principal represents an email user, or more specifically, an email address. An email proxy runs as a separate process, on a machine that is specified by the email client configuration. In the case of a false positive or false negative, the user can move the message from or to the SPAM folder. This move request is intercepted by the proxy and interpreted as an observation of an outcome (of a message being SPAM or valid). This is why the SPAM filter acts as a proxy on the IMAP protocol -- used by clients to download messages from the email server -- since this protocol allows clients to create email folders on the server and to copy messages between them. The POP3 protocol, also used by email clients for downloading messages, does not have this possibility, so the best one could do is simply to mark the messages. All standard email clients today can be configured to use IMAP and SMTP proxies, i.e., the open source Mozilla clients, Netscape, as well as Microsoft's Outlook (Express). Thus, the SECURE filter is client-independent. The code that processes the IMAP commands and implements the policy components contains around 3000 lines of pure Java code.

The trust-based SPAM filter can be used in addition to a content-based SPAM filter to improve SPAM detection. However, the current implementation is just a laboratory prototype. The result can be of use to the scientific community for the experimentation into trust-based email SPAM filtering. It is currently too early to estimate its commercial potential. As a result, no specific steps have been taken at this stage in order to protect any IPR emanating from it.

Informazioni correlate

Contatto

Jean-Marc SEIGNEUR, (Senior Researcher and Lecturer)
Tel.: +41-22-3791087
Fax: +41-22-3797780
E-mail