ABL: An original active blacklist based on a modification of the SMTP

TL;DR

This paper introduces ABL, an active blacklist system based on SMTP modifications, which effectively reduces spam with minimal impact on legitimate email processing, demonstrated through extensive experiments and real-world deployment.

Contribution

The paper presents a novel SMTP-based active blacklist system, ABL, integrated into Zimbra, showing improved spam filtering and minimal performance overhead, and is publicly available for use.

Findings

ABL rejected 20.94% of spam emails during testing period

ABL maintained similar performance to original server for legitimate emails

Spammer servers experienced increased computational costs when using ABL

Abstract

This paper presents a novel Active Blacklist (ABL) based on a modification of the Simple Mail Transfer Protocol (SMTP). ABL was implemented in the Mail Transfer Agent (MTA) Postfix of the e-mail server Zimbra and assessed exhaustively in a series of experiments. The modified server Zimbra showed computational performance and costs similar to those of the original server Zimbra when receiving legitimate e-mails. When receiving spam, however, it showed better computing performance and costs than the original Zimbra. Moreover, there was a considerable computational cost on the spammer's server when it sent spam e-mails. ABL was assessed at the Federal University of Itajub\'{a}, Brazil, during a period of sixty-one days. It was responsible for rejecting a percentage of 20.94% of the spam e-mails received by the university during this period. After this period, it was deployed and remained in use, from July-2015 to July-2019, at the university. ABL is part of the new Open Machine-Learning-Based Anti-Spam (Open-MaLBAS). Both ABL and Open-MaLBAS are freely available on GitHub.