A trust model applied to e-mail servers Leonardo Oliveira and Carlos Maziero Graduate Program in Computer Science Pontifical Catholic University of Paran´ a, Brazil {bispo,maziero}@ppgia.pucpr.br Abstract E-mail services are essential in the Internet. However, the basic e-mail architecture presents problems that opens it to several threats. Alternatives have been proposed to solve some problems related with e-mail services, offer- ing reliability and scalability to those systems. This work presents a distributed trust model, allowing to create dy- namic and decentralized trusted server lists, through the ex- clusion of servers used as spreaders of malicious messages. Many techniques were used to build it, like a social network model, message filters, message management, and a trust information storage and propagation model. 1 Introduction E-mail systems are commonly used by its simplicity, flexibility, and low costs for implementation and usage. However, this kind of system suffers problems caused by fragilities of protocols involved on communication process. Amongst them are lacks of a robust mechanism for authen- tication, lacks of a confidentiality and integrity mechanism for message delivery, and also lacks of a reputation mecha- nism of users and e-mail servers. E-mail systems researches are trying to solve this kind of fragilities using filtering and classification algorithms, which look for malicious patterns inside the message con- tent, using symmetric keys on e-mail clients, to sign and cypher sent messages, and methods for e-mail servers au- thentication. These researches resulted in important ad- vances in the attempt to solve problems related with authen- tication, but does not provide mechanisms to measure how trustful a server or domain is. In other words, authentica- tion mechanisms by themselves are not able to minimize the sending of malicious messages (spam). This work presents a distributed trust model for e-mail servers that uses e-mail classification techniques, a sender authentication model, and social networks, to create an en- vironment able to keep information about legitimate/mali- cious e-mail servers using a decentralized method. Section 2 brings a short review of main threats in e-mail services. Section 3 describes the main techniques used to authenti- cate the e-mail senders; section 4 describes the use of so- cial networks in a distributed environment, section 5 shows the proposal architecture and details its functional aspects; section 6 presents the model implementation and discusses some experimental results; finally, section 8 concludes this work and delineates some perspectives of continuity. 2 Threats in e-mail systems Today e-mail systems were designed to be simple, their main target was restricted to a small and trustful environ- ment, constituted basically by the academic community. The SMTP protocol, responsible for e-mail transferences between servers [4, 8] does not provide robust mechanisms for authentication and access control. Amongst the current problems present in e-mail systems are spams, virus and scams, which compromises their performance, robustness, security, and usability. Many techniques are being used for spam control. The main techniques are based on trustful and non-trustful servers lists, or on screening received messages to find sus- pect content: • Black Lists: distributed RBL (Realtime Blackhole Lists) servers keep lists of IP address from spam spreaders or sources, which can queried by DNS to verify the sender trustworthiness [7]. • White Lists: each e-mail server can keep a trusted senders list; this list is commonly kept through a web- based acknowledge mechanism [6]. • Anti-spam Filters: Programs that filter e-mail accord- ing to its content, using statistical techniques, Bayesian classification, neural networks, etc. [10, 15]. A second form of threat are virus and worms, which are malicious programs that can spread though e-mail. An e-