The Impact that Placing Email Addresses on the Internet Has on the Receipt of Spam - An Empirical Analysis
RWTH Aachen University
Computers & Security, Forthcoming
Email communication is encumbered with a mass of email messages which their recipients have neither requested nor require. Even worse, the impacts of these messages are far from being simply an annoyance, as they also involve economic damage. This manuscript examines the resource "email addresses", which is vital for any potential bulk mailer and spammer. Both a methodology and a honeypot conceptualization for implementing an empirical analysis of the usage of email addresses placed on the Internet are proposed here. Their objective is to assess, on a quantitative basis, the extent of the current harassment and its development over time. This "framework" is intended to be extensible to measuring the effectiveness of address-obscuring techniques. The implementation of a pilot honeypot is described, which led to key findings, some of them being: (1) Web placements attract more than two-thirds (70%) of all honeypot spam emails, followed by newsgroup placements (28.6%) and newsletter subscriptions (1.4%), (2) the proportions of spam relating to the email addresses' top-level domain can be statistically assumed to be uniformly distributed, (3) More than 43% of addresses on the web have been abused, whereas about 27% was the case for addresses on newsgroups and only about 4% was the case for addresses used for a newsletter subscription, (4) Regarding the development of email addresses' attractiveness for spammers over time, the service "web sites" features a negative linear relationship, whereas the service "Usenet" shows a negative exponential relationship. (5) Only 1.54% of the spam emails showed an interrelation between the topic of the spam email and that of the location where the recipient's address was placed, so that spammers are assumed to send their emails in a "context insensitive" manner. The results of the empirical analysis motivate the need for the protection of email addresses through obscuration. We analyze this need by formulating requirements for address obscuring techniques and we reveal to which extent today's most relevant approaches fulfill these requirements.
Keywords: Address-obfuscating techniques, email, empirical analysis, honeypot, security by design, security by obscurity, spam
JEL Classification: L86, L96
Date posted: April 25, 2007