Conference Proceedings

The Unintended Consequences of Email Spam Prevention

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2018) 10771 LNCS 158-169
DOI: 10.1007/978-3-319-76481-8_12
9Citations
Citations of this article
9Readers
Mendeley users who have this article in their library.
Get full text

Abstract

To combat Domain Name System (DNS) cache poisoning attacks and exploitation of the DNS as amplifier in denial of service (DoS) attacks, many recursive DNS resolvers are configured as “closed” and refuse to answer queries made by hosts outside of their organization. In this work, we present a technique to induce DNS queries within an organization, using the organization’s email service and the Sender Policy Framework (SPF) spam-checking mechanism. We use our technique to study closed resolvers. Our study reveals that most closed DNS resolvers have deployed common DNS poisoning defense techniques such as source port and transaction ID randomization. However, we also find that SPF is often deployed in a way that allows an external attacker to cause the organization’s resolver to issue numerous DNS queries to a victim IP address by sending a single email to any address within the organization’s domain, thereby providing a potential DoS vector.

Cite

CITATION STYLE

APA

Scheffler, S., Smith, S., Gilad, Y., & Goldberg, S. (2018). The Unintended Consequences of Email Spam Prevention. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10771 LNCS, pp. 158–169). Springer Verlag. https://doi.org/10.1007/978-3-319-76481-8_12

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free