Who's got your mail?

Liu, Enze; Akiwate, Gautam; Jonker, Mattijs; Mirian, Ariana; Savage, Stefan; Voelker, Geoffrey M.

doi:10.1145/3487552.3487820

Cited by 12 publications

(4 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SMTP plays a pivotal role on the Internet by defining both the MTA client and MTA server. Its primary purpose is to establish the guidelines for the transfer of data between the MTA client and MTA server through the exchange of commands and responses [98], [99]. In essence, SMTP provides the framework for the seamless transfer of emails across the Internet.…”

Section: Smtpmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

TCP/IP is the backbone of modern network communication, connecting devices across the world. TCP/IP at its core is a suite of protocols that enables the transmission of data between computers, facilitating the foundation of the interconnected global network. At the Application Layer of TCP/IP is where the interaction between software applications and the network occurs. The user-centric protocols such as HTTP, SMTP, FTP, POP3, IMAP and DNS facilitate various tasks at this layer such as web browsing, email communication, and file transfer. This comprehensive survey conducted an exploration of the performance, security and privacy issues at the application layer of the TCP/IP. It initiated by providing a background of TCP/IP model, it’s architecture and the core characteristics, with major focus on the application layer. This paper aimed to discuss the state-of-the-art of performance, privacy and security concerns in TCP/IP application layer. It also proposed future research areas to equip researchers, practitioners, policy makers and the decision makers with tangible knowledge, offering guidance in navigating the performance, privacy and security concerns in TCP/IP Application Layer. It aimed to discuss the current performance, privacy and security research gaps at the Application Layer of the TCP/IP Model. The findings of this research sheds light on the performance, privacy and security issues while suggesting the countermeasures to strengthen and optimize the overall performance, security and privacy of TCP/IP model at the application layer. The paper finally suggests future directions and research areas at the TCP/IP application layer.

show abstract

Section: Smtpmentioning

confidence: 99%

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Timothy Murkomen

2024

GSC Adv. Res. Rev.

View full text Add to dashboard Cite

show abstract

“…The Microsoft support website explains how to enable the capability in various versions of Outlook. Additionally, encryption for web-based email services is supported through browser add-ons like Gmail S/MIME for Firefox [36][37][38][39].…”

Section: Email Abuse Scenarios and Threats In Email Communicationmentioning

confidence: 99%

“…The attribute A with the biggest information gain is chosen as the dividing element. This is comparable to saying that we are looking for partition qualities that will result in the best ranking [38]. Information gain is considered an automatic detecting system based on the mathematical approach, and this method aids in calculating the importance of qualities that compose emails to classify them to locate the bad ones (forensics) [39].…”

Section: Information Gainmentioning

confidence: 99%

Email Security Issues, Tools, and Techniques Used in Investigation

et al. 2023

View full text Add to dashboard Cite

The email system is a globally distributed communication infrastructure service that involves multiple actors playing different roles to ensure end-to-end mail delivery. It is an indispensable method of communicating that is changing how people share data and information. As a result, it facilitates effective and efficient communication, especially in business, as well as convenience, accessibility, and replication. Today, email can send more than just text files; it can also send audio, video, photos, and other files with extensions. With email becoming ubiquitous in all aspects of our lives, enhancing its security, operating procedures, and forensic investigation has become essential. The purpose of this paper is to review some real email forensic incidents and the tools and techniques that have been proposed. A discussion of the major threats to email as well as techniques to mitigate them will also be provided. A comparison study was made of several techniques and analysis tools used in email forensics. In addition, this paper compares the available software tools for email forensics based on factors such as language interface, user interface, programming language, creation of image files, calculation of hash value, cost, and advantages.

show abstract

“…Moreover, SPF vulnerabilities can be magnified with the emergence of shared infrastructure. First, more and more organizations and institutions host their email services to professional email service providers [14]. Most email providers require their clients to include SPF records of email providers in their own SPF records, which directly leads to the centralization of SPF deployment.…”

Section: Introductionmentioning

confidence: 99%

BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet

Wang,

Kuranaga,

Wang

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Email spoofing attacks pose a severe threat to email systems by forging the sender's address to deceive email recipients. Sender Policy Framework (SPF), an email authentication protocol that verifies senders by their IP addresses, is critical for preventing email spoofing attacks. However, attackers can bypass SPF validation and launch convincing spoofing attacks that evade email authentication. This paper proposes BreakSPF, a novel attack framework that bypasses SPF validation to enable email spoofing. Attackers can actively target domains with permissive SPF configurations by utilizing cloud services, proxies, and content delivery networks (CDNs) with shared IP pools. We leverage BreakSPF to conduct a large-scale experiment evaluating the security of SPF deployment across Tranco top 1 million domain names. We uncover that 23,916 domains are vulnerable to BreakSPF attacks, including 23 domains that rank within the top 1,000 most popular domains. The results underscore the widespread SPF configuration vulnerabilities and their potential to undermine the security of email systems. Our study provides valuable insights for detecting and mitigating SPF vulnerabilities and strengthening email system security overall.

show abstract

Who's got your mail?

Cited by 12 publications

References 22 publications

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Performance, privacy, and security issues of TCP/IP at the application layer: A comprehensive survey

Email Security Issues, Tools, and Techniques Used in Investigation

BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet

Contact Info

Product

Resources

About