Yahoo on Tuesday released an e-mail standard that prevents spammers from hiding behind legitimate e-mail addresses. Yahoo’s proposed standard, known as DomainKeys, would embed outgoing messages with an encrypted digital signature matched to a signature on the server computer that sends the message.
From Yahoo DomainKeys:
Email spoofing is the forging of another person’s or company’s email address to get users to trust and open a message - is one of the biggest challenges facing both the Internet community and anti-spam technologists today. Without sender authentication, verification, and traceability, email providers can never know for certain if a message is legitimate or forged and will therefore have to continually make educated guesses on behalf of their users on what to deliver, what to block, and what to quarantine, in the pursuit of the best possible user experience.
DomainKeys is a technology proposal that can bring black and white back to this decision process by giving email providers a mechanism for verifying both the domain of each email sender and the integrity of the messages sent (i.e,. that they were not altered during transit). And, once the domain can be verified, it can be compared to the domain used by the sender in the From: field of the message to detect forgeries. If it’s a forgery, then it’s spam or fraud, and it can be dropped without impact to the user. If it’s not a forgery, then the domain is known, and a persistent reputation profile can be established for that sending domain that can be tied into anti-spam policy systems, shared between service providers, and even exposed to the user.
Internet providers could check the signatures on incoming messages and block those that do not match up. The procedure would be invisible to regular e-mail users because it would be implemented by e-mail providers, Yahoo described.
Comments
5 responses so far ↓
Mohnesh kohli on May 19, 2004 at 11:08 pm
Will yahoo will be able to complete spam I thing it is a curse to internet industry and all should work for it
Thomas Littlepage on May 27, 2004 at 8:28 am
Any efforts to reduce or eliminate SPAM will reward you with increased customer loyalty and reduced cost. I personnaly would like to see a dual strategy consisting of technical and non-technial initiatives.
Your approach is a good technical start. A good non-technical approach would hit the spammers in the pocket book -where it counts. I have two apporaches to suggest. Charge a five cent fee per addressee on all emails with more than fifty addressees or for messages sent more than five times. SECOND SUGGESTION: Lets hit them harder in the pocekt book. Establish a tariff that would require the advertiser in a spam message to pay each recipient of the message say fifteen cents. Arrange this billing through the ISP which could keep a percentage, say five cents a message, for processing. Register the computer ID/name as a sender and if the advertiser doesn’t pay, the ISP blocks the computer from any on line activity.
HIT THEM IN THE WALLET AND THEY WILL GET THE MESSAGE.
EITHER THAT OR LETS JUST TAX EMAIL AT A NICKLE PER ADDRESSEE AND LET THE POST OFFICE HAVE THE REVENUE. ANYTHING TO STOP THE SPAM
doug on Oct 7, 2004 at 4:04 am
This is a fascinating initiative. It attacks the heart of the problem.
Charging 5 cents/message is useless if you can’t verify where it is coming from. Requiring domain verification seems like an ideal solution to the forgery issue, which would eliminate the vast majority of spam.
online poker on Jan 8, 2005 at 7:58 am
Hello. May I rent your layout for my site? :)
poker on Jan 15, 2005 at 9:25 am
YOU HAVE GOT SOME KIND OF CLASS IN THIS SITE. Good to see you up and around!
Leave a Comment