Combating Spam with TEA

— It has been observed that the underlying reasons for the continuing growth of the " spam " problem are a lack of reliable sender authentication and the near-zero cost of sending huge volumes of marketing material worldwide, via email. Previous attempts to address these problems either change the fundamental properties of email, reducing its usefulness to legitimate senders, or require an infeasible move to new system architectures. In this paper we present two new techniques for increasing the level of sender authentication for legacy-system plain text email addresses. We then show how these Trustworthy Email Addresses (TEA) can be used in conjunction with a trust and risk-based security framework as an effective anti-spam tool. Our prototype Java implementation is then evaluated in the context of a spammer threat model with an economic analysis of the viability of each threat.