Anti-Spam secret weapon

Source: TechTarget

Spam is becoming more and more serious. The Washington Post said that due to insufficient evidence yesterday, the judge released a woman from North Carolina, who had been accused of sending spam emails.

According to the article, Judge Loudoun County Circuit Thomas D. Horne dismissed the complaint against 28-year-old Jessica DeGroot because the jury fell into a pile of technical evidence and the new Virginia anti-spam law. DeGroot was accused of sending large numbers of ads to tens of thousands of online U.S. email accounts.

This case is another factor driving the current wave of anti-spam campaigns. The Can Spam act, Bayesian filters, blacklists, and whitelists cannot block the spread of Spam. It seems that spam senders have their solutions for every algorithm and network security tool.

Meng Weng Wong, a principal developer of the sender's Policy Framework (SPF) and founder of Pobox.com, said: "We are playing 'peak' with spam senders '".

Wong and other experts have called on companies to support their criteria for verifying the sender, which emphasizes that the new so-called credit service will be assessed against a series of criteria. After confirming the trusted elements, reject the spam sender from the gateway and "it is doubtful until it is confirmed to be innocent ".

A series of standards that fall into the chaos of Internet Engineering Working Groups have been supported by some companies, such as the TrustedSource credit service of CipherTrust. This Service works with the company's IronMail mail security tool.

The proposed standards include the sender's policy framework and Microsoft's sender ID architecture (SIDF ). SPF is an extension of SMTP. Once the domain name in the sender does not match the domain name in the list of domain authentication IP addresses, it will reject the sent information. SIDF combines SPF with Microsoft's former email tool Caller ID.

An email security analyst believes that these proposals need to be supported by enterprise users. At the same time, Dan Golding of the Burton Group said that security executives should only consider the credibility service, which builds domain-related information on a free SPF basis. "Without the foundation of SPF records, they are useless ." Golding said.
 

But there is another problem. Although Microsoft, Amazon.com, and eBay have agreed to the proposed standards, many major network companies, including Yahoo, have expressed their opposition.
 
Yahoo expressed strong opposition to SPF and SIDF. The Network Search Engine Company is proposing a relative proposal called DomainKeys, which will use public key encryption technology, which has not been widely supported in the past.

SPF and SIDF can effectively prevent a large number of domain name spoofing and network fraud behaviors, which is easier to execute than DomainKeys. Andrew Newton, who has compiled anti-spam logs, said: "SPF and SIDF are easier to understand than DomainKeys. They only need a few commands ."

Newton is also the deputy leader of the anti-spam IETF (Internet Engineering Task Group), which has been working on SFP and SIDF. The Working Group was disbanded last year. In Newton's view, this was partly due to a political dispute between suppliers and "open source enthusiasts.

SPF and SIDF can be used only when a large number of enterprises actively participate and register their domain names and IP address records on websites such as Pobox.com.

Then tools and services such as those from CipherTrust and IronPort System that support SPF and SIDF can use the data to capture network scammers.

Golding said: "To use SPF to prevent domain name spoofing, large enterprises must provide their SPF records. For those enterprises, creating SPF records and checking are very important security measures ." It is a pity that some mainstream banks lack SPF records.

Apart from BankAmerica and one or two other banks, many major American banks have not created SPF records even though their domains are often attacked by cyber scammers.