Email used to be the "number one killer application" of the Internet. However, misuse and abuse such as spam, phishing, and malware attacks have plagued the email systems. Considering deterrence as important as prevention and protection in countering misuse and abuse, we aim to improve the accountability in the email system beyond identification and non-repudiability. Full accountability should be an intrinsic condition for trust, and it constitutes the basis of deterrence against email misuse and abuse. Therefore, we propose to use a layered trust management framework to help email receivers eliminate their unwitting trust and provide them with accountability support. This helps systems to deter misuses and address wrongdoings. By describing and analyzing how our trust management facilitates email accountability, we also show that it can be used to improve the trustworthiness of the Internet services as a whole.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Alfarez Abdul-Rahman , Stephen Hailes, A distributed trust model, Proceedings of the 1997 workshop on New security paradigms, p.48-60, September 23-26, 1997, Langdale, Cumbria, United Kingdom  [doi>10.1145/283699.283739]
	2	B. Adida, S. Hohenberger, and R. L. Rivest. Fighting phishing attacks: A lightweight trust architecture for detecting spoofed emails. In USENIX Steps to Reducing Unwanted Traffic on the Internet Workshop (SRUTI), 2005.
	3	Eric Allman, The Economics of Spam, Queue, v.1 n.9, December/January 2003-2004  [doi>10.1145/966789.966799]
	4	Steven M. Bellovin, Spamming, phishing, authentication, and privacy, Communications of the ACM, v.47 n.12, December 2004  [doi>10.1145/1035134.1035159]
	5	Matt Blaze , Joan Feigenbaum , Jack Lacy, Decentralized Trust Management, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.164, May 06-08, 1996
	6	Nikita Borisov , Ian Goldberg , Eric Brewer, Off-the-record communication, or, why not to use PGP, Proceedings of the 2004 ACM workshop on Privacy in the electronic society, October 28-28, 2004, Washington DC, USA  [doi>10.1145/1029179.1029200]
	7	Brent N. Chun , Andy Bavier, Decentralized Trust Management and Accountability in Federated Systems, Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 9, p.90279.1, January 05-08, 2004
	8	John R. Douceur, The Sybil Attack, Revised Papers from the First International Workshop on Peer-to-Peer Systems, p.251-260, March 07-08, 2002
	9	Z. Duan, K. Gopalan, and X. Yuan. Behavioral characteristics of spammers and their network reachability properties. In ICC '07. IEEE International Conference on Communications, pages 164--171, June 2007.
	10	C. Ellison. SPKI/SDSI certificates. http://world.std.com/~cme/html/spki.html, January 2004.
	11	C. Ellison , B. Frantz , B. Lampson , R. Rivest , B. Thomas , T. Ylonen, SPKI Certificate Theory, RFC Editor, 1999
	12	E. J. Friedman and P. Resnick. The social cost of cheap pseudonyms. Journal of Economics & Management Strategy, 10(2): 173--199, 06 2001.
	13	Simson L. Garfinkel , Robert C. Miller, Johnny 2: a user test of key continuity management with S/MIME and Outlook Express, Proceedings of the 2005 symposium on Usable privacy and security, p.13-24, July 06-08, 2005, Pittsburgh, Pennsylvania  [doi>10.1145/1073001.1073003]
	14	T. Gray. Security in the post-Internet era: The needs of the many vs. the needs of the few. In Security at Line Speed Workshop Findings and Report, November 2003.
	15	P. Gutmann. Why isn't the internet secure yet, dammit? In AusCERT Asia Pacific Information Technology Security Conference 2004. AusCERT, May 2004.
	16	G. Hardin. The tragedy of the commons. Science, 162(3859): 1243--1248, 1968.
	17	A. Juels and J. Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proceedings of NDSS '99 (Networks and Distributed Security Systems), pages 151--165, 1999.
	18	Jaeyeon Jung , Emil Sit, An empirical study of spam traffic and the use of DNS black lists, Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, October 25-27, 2004, Taormina, Sicily, Italy  [doi>10.1145/1028788.1028838]
	19	R. Levien, L. McCarthy, and M. Blaze. Transparent Internet e-mail security. http://citeseer.ist.psu.edu/levien96transparent.html.
	20	Bob Metcalfe, Bob Metcalfe on What's Wrong with the Internet: It's the Economy, Stupid, IEEE Internet Computing, v.1 n.2, p.6-17, March 1997  [doi>10.1109/MIC.1997.601070]
	21	Anirudh Ramachandran , Nick Feamster, Understanding the network-level behavior of spammers, ACM SIGCOMM Computer Communication Review, v.36 n.4, October 2006
	22	Gautam Singaraju , Brent ByungHoon Kang, RepuScore: collaborative reputation management framework for email infrastructure, Proceedings of the 21st conference on Large Installation System Administration Conference, p.1-9, November 11-16, 2007, Dallas
	23	B. Watson. Beyond identity: Addressing problems that persist in an electronic mail system with reliable sender identification. In CEAS 2004 - First Conference on Email and Anti-Spam, Mountain View, CA, USA, July 2004.
	24	Marianne Winslett , Ting Yu , Kent E. Seamons , Adam Hess , Jared Jacobson , Ryan Jarvis , Bryan Smith , Lina Yu, Negotiating Trust on the Web, IEEE Internet Computing, v.6 n.6, p.30-37, November 2002  [doi>10.1109/MIC.2002.1067734]
	25	Mengjun Xie , Heng Yin , Haining Wang, An effective defense against email spam laundering, Proceedings of the 13th ACM conference on Computer and communications security, October 30-November 03, 2006, Alexandria, Virginia, USA  [doi>10.1145/1180405.1180428]
	26	Yinglian Xie , Fang Yu , Kannan Achan , Eliot Gillum , Moises Goldszmidt , Ted Wobber, How dynamic are IP addresses?, Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications, August 27-31, 2007, Kyoto, Japan
	27	Aydan R. Yumerefendi , Jeffrey S. Chase, Trust but verify: accountability for network services, Proceedings of the 11th workshop on ACM SIGOPS European workshop, p.37-es, September 19-22, 2004, Leuven, Belgium  [doi>10.1145/1133572.1133585]