Security

The Robustness of New Email Identification Standards

Download Now Free registration required

Executive Summary

Vulnerabilities in email protocols allow spammers to readily hide their true identities. These shortcomings have motivated proposals for new standards for authenticating messages. Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) represent two such mechanisms. Both authentication schemes are nevertheless open to abuse by spammers. This paper explores the challenges of the deployment of SPF and DKIM in a robust manner by network administrators. The analysis suggests that the new standards are unlikely to credibly constrain the ability of spammers to cloak their identities, and hence will effectively be utilized only in combination with self-learning Bayesian content filters.

  • Format: PDF
  • Size: 1914.88 KB