Life After Spoof: Page 2

(Page 2 of 2)

Krasser said this data is published using the same system that maps host names to IP addresses, which means that when a third party receives an email from a particular mail server, it can retrieve the SPF record for that host name and see if the mail server trying to deliver the message is listed as a valid sender for that domain.


The second suggestion focused on another open standard: DomainKeys Identified Mail, or DKIM.


Like SPF, DomainKeys requires you to publish a record for your domain name. In addition, every message you send is cryptographically signed by your outgoing mail server. The receiver of your email can then check whether the signature is valid by retrieving the domain key record for your domain.


Because spammers can’t produce valid signatures, their messages will be identified as spoofs.


“In both cases, it’s like the post office which stamped your letter must be in a pre-approved list to send letters with your postal address,” he quipped.


Armed with these two standards, I feel like I’ve beaten my spoofer once and for all. Sure, complying with the two new standards slows down my email a bit, and yes, haters, both efforts require widespread adoption to ever make that much of a difference.


At this point, however, after surviving a terrible spoofing attack, I’ll take all the help I can get.


Tags: security, Microsoft, malware, policy, e-Mail
