Opacity: zIndex: Get 100000 0FP0EXP Token to input your own list (json format) or insert json link:

Get 80000 0FP0EXP Token to input your own list (json format) or insert json link:

My Playlist:

JSON Ready: Not Ready

Ready State:

Network State:

Name:

Album:

Reference:

Background Color

General HTML background color:

Header background color:

Menu background color:

Content background color:

Widget background color:

Footer background color:

Font Size

Get 150000 0FP0EXP Token to unlock this feature.

Heading 1 font size:

Heading 2 font size:

Heading 3 font size:

Heading 4 font size:

Heading 5 font size:

Heading 6 font size:

Header font size:

Header Widget font size:

Menu font size:

Widget font size:

Footer font size:

Content font size:

Font Color

Get 200000 0FP0EXP Token to unlock this feature.

Heading 1 font color:

Heading 2 font color:

Heading 3 font color:

Heading 4 font color:

Heading 5 font color:

Heading 6 font color:

Header font color:

Header Widget font color:

Menu font color:

Widget font color:

Footer font color:

Content font color:

Font Shadow

Get 250000 0FP0EXP Token to unlock this feature.

Heading 1 font shadow:

Heading 2 font shadow:

Heading 3 font shadow:

Heading 4 font shadow:

Heading 5 font shadow:

Heading 6 font shadow:

Header font shadow:

Header Widget font shadow:

Menu font shadow:

Widget font shadow:

Footer font shadow:

Content font shadow:

Other Styles Coming Soon



Source Code

Click the above image for basic sourced and click following button for processing token source code.

Ethereum Virtual Machine

Ethereum and EVM (ETC, BSC, AVAX-C-Chain, Polygon, etc).

Telegram Open Network

Telegram Open Network (TON) decentralized application.

Solana

Solana decentralized application.

Tron

Tron decentralized application.

Near

Near decentralized application.

Wax

Wax decentralized application.

Myalgo

Myalgo wallet for Algorand decentralized application.

Sync2

Sync2 wallet for Vechain decentralized application.

Scatter

Scatter wallet for EOS decentralized application.

Ontology

Ontology decentralized application.

Rabbet

Rabbet wallet for Stellar Lumen decentralized application.

Freighter

Freighter wallet for Stellar Lumen decentralized application.

Hivesigner

Hive Signer for Hive decentralized application.

Hivekeychain

Hive Key Chain for Hive decentralized application.

Zilpay

Zilpay wallet for Zilliqa decentralized application.

Neoline N2

Neoline wallet for Neo N2 decentralized application.

Neoline N3

Neoline wallet for Neo N3 decentralized application.

Keplr

Keplr wallet for Cosmos and other decentralized application.

Keeper

Keeper wallet for Waves decentralized application.

IWallet

IWallet for IOST decentralized application.

My Comments on Malware and Spams in Email when I was a young student

Get 60 0FP0EXP Token to remove widget entirely!

source code



source code
old source code

get any 0FP0EXP Token to automatically turn off or 10 0FP0EXP Token to remove this JavaScript Mining.

Get 50000 0FP0EXP Token to remove my NFTS advertisements!

Get 40000 0FP0EXP Token to remove this donation notification!

get 30000 0FP0EXP Token to remove this paypal donation.

View My Stats

get 20000 0FP0EXP Token to remove my personal ADS.

word number: 898

Time: 2024-04-14 11:25:24 +0000

Note

This is the ninth assignment from my Masters Advanced Network Security Course which has never been published anywhere and I, as the author and copyright holder, license this assignment customized CC-BY-SA where anyone can share, copy, republish, and sell on condition to state my name as the author and notify that the original and open version available here.

1. Email Overview

The protocol that is defined to exchange email over the Internet is simple mail transfer protocol (SMTP). SMTP is used to send email to another email server which is then received through the procedure of post office protocol version 3 (POP3) or another procedure instant message access protocol (IMAP). It can be illustrated in Figure 1 that the email was send via SMTP, then authentication is handled by POP3 or IMAP. The authentication alone is unencrypted, to encrypt is to be send over secure socket layer (SSL) for more secure communication [1].

Figure 1. Illustration of email exchange.png

Figure 1. Illustration of email exchange [1]

Another technology is the mailing list where the clients subscribes so they’re included into the mailing list. Materials will be send to the subscriber within the mailing list. Security issues on email other than malware mostly dealt with spams.

2. Spam

People defined the term email spam as bulk email or unsolicited email. It’s very subjective how each person defines a spam. An example of a common spam is an advertisement sent to a mailing list or lot’s of email address, in an indiscriminate way. A light spam usually contains advertisement only but a severe spam may contain threats that could harm the user like malware. The subtopic belows are example of how spam may occur and what measure that had been taken. Most of the below materials are based on [2] and most definitions are based on [3] (by each key words).

2.1 Open Relay

Open relay is a configuration on the mail server to accept all incoming emails either by known users or anonymous users. This was used to be the default configuration of all mail servers but it became unpopular since it was abused by spammers and malwares, refer to small illustration on Figure 2. Most open relay’s are closed, or put on blacklist.

Figure 2. Illustration of open relay abused.png

Figure 2. Illustration of open relay abused [2]

2.2 Impact of Spam

There many impacts of spams. It can be summarize in general as follows:

  • Very heavy unnecessary network since spams fills the traffic.
  • As a user it’s a heavy burden in sorting the emails.
  • Mis-classify an email (a clean email may be treated as spam or vice versa).
  • Domain spoofed, your email domain might get registered as spam (blacklist).
  • Worst case could be hijacked or denial of service.

2.3 POP before SMTP / SMTP after POP

To cope with Figure 2, POP before SMTP is implemented with the concept of allowing email transmission if able to retrieve email. In short you be able to access and retrieve your email first, then you’re able to send an email. But today people tends to use SMTP authentication instead. Figure 3 is a general illustration.

Figure 3. Using authentication for smtp.png

Figure 3. Using authentication for smtp [4]

Back then the POP before SMTP was implemented to cope with the open relay issue, still it’s a method to allow email exchange from outside, spammers just need to find another way. (1) First they could gain control (spam bot) the user’s PC that had authorization to the SMTP server through service attack worms (SAW) and mass mailing worms (MMS). (2) Second is a method called email error back scattering where on the envelop insert “reply-to: targeted-email@domain.com” (if error will go to that email). This two are illustrated on Figure 4. How is it possible? It is because of direct SMTP.

Figure 4. Other round-ways for POP before SMTP.png

Figure 4. Other round-ways for POP before SMTP [2]

3. Anti Spam

To avoid spams the following are recommended, (note: there are more ways the below recommendation):

  1. Install email anti virus (AV) which could prevent hijacking and bot controlled.
  2. Use outbound port 25 blocking (OP25B) which rejects direct SMTP to port 25, instead allowing through authorized email server only (only the email server may use direct SMTP). On the other hand there is inbound port 25 blocking (IP25B) which means that it doesn’t receive spam emails.
  3. Authentication which strengthens point 2. Use the SMTP authentication and over the SSL.
  4. There exist the sender policy framework (SPF) which registers the authorized email servers into the DNS server. When an email is received the server performs SPF which compares the sender’s IP address, email server’s IP address and domain. If it doesn’t satisfy it will not receive.
  5. Another is domain key identified mail (DKIM) where a signature is added on the message header based on the secret key.
  6. Then there is Sender ID which uses SFP and caller ID advocated by Microsoft.

Reference

  1. http://www.ustudy.in/node/22
  2. http://md.kumamoto-u.ac.jp/mod/book/view.php?id=98629&chapterid=4984
  3. https://en.wikipedia.org/wiki/Spamming
  4. http://www.isaserver.org/articles-tutorials/articles/smtprelayinboundoutbound.html

Mirrors