Get rid of SPAM with SMTP authentication (updated)
Posted by: PSlijkhuis in Exchange, UncategorizedMany initiatives try to eliminate the SPAM problem. One of these initiatives is e-mail or domain authentication. Some examples are SPF, Sender ID, MARID and recently DKIM.
<update may 2007>
As of May 2007 a new RFC has been introduced by companies involving Yahoo, Sendmail, Cisco and PGP corporation. This new solution against spam is called DKIM (DomainKeys Indentified Mail). It involves a common approach; using a PKI infrastructure. I wonder what this is going to cost to implement? PKI is not innovative technology and encryption / decryption technology is expensive in regards to the volume of email. It is true: SPAM is usually not encrypted. So the more email you encrypt, the less SPAM you receive/send?
</update>
But why this? What are the threads? Well, it is all about abuse of e-mail adresses or domains, because of:
- Spammers want to prevent non-deliveries on their own e-mail addresses
- Fraudsters want to stay anonymous and delete tracks
- Computer worms want to cause confusion or do not really care what e-mail address it abuses
- Phishers want to fake trusted or known senders to get hold of secred information like passwords of credit card numbers
SPF stands for “Sender Policy Framework” which is an open source standard. The development is initiated to secure and check the so called “sender envelope address”, better known as the mail-from address. The underlying technique is a SPF record in DNS. In short: when senders name and ip address deliver a match according to DNS the e-mail is considered authentic. This way, an IP address builts up a reputation. The receiver of the e-mail owns a crucial step in this process. It is the receiver that has to perform the check according to the SPF specs. Implementation is always part of the MTA agent.
More background information and software suppliers via: www.openspf.org or http://new.openspf.org/Implementations
Sender ID (SID) is a Microsoft development. To make use of it you must sign a licence but without fee costs. It is therfore not a GPL/GNU type of license and that of course is the main criticism towards this standard. It is actually a proposal for SPF v2. It still uses the same SPF record in DNS. Microsoft adds a PRA (purported responsible address) definition to it. Also Microsoft defined a SIDF (F for framework) on top of the technology to deliver the intelligence needed, e.g. historical information, logging, traffic analyses. Important to know is that Sendmail has adapted this standard too. Together with Exchange I think this is a strong bases for success. It is still a draft proposal. As is PRA.
More info: http://www.microsoft.com/senderid
MARID is the acronym for “MTA authentication records in DNS”. It is actually the name for an IETF workgroup. This workgroup wishes to create an open standard for SMTP authentication. It is also this workgroup that does not accept the way Microsoft delivers her SID technology to the public. At the same time they advise not to ignore this technology.
More information found on:Â www.ietf.org or the well known IT news sites like: www.windowsitpro.com.
Meanwhile over tens of thousands SPF registrations has been taken place. Of course it is not the holy grale of anti-spam, but it is one important counter measure that any organisation should implement. You should always prevent that your organisation appears on a black list.
Please share your experiences / ideas with SPF v1 / v2. I look forward to your comments
- Paul
And this too:
I found it interesting to read that Microsoft in a press announcement has published that mr. Meng Weng Wong is the inventor of the SPF standard. The supporting SPF website openSPF strongly denies this fact!
Entries (RSS)