Spam Spotlight on Reputation

R. A. Hettinga rah at
Mon Sep 6 10:52:03 PDT 2004



 Spam Spotlight on Reputation

Spam Spotlight on Reputation

September 6, 2004
 By   Dennis Callaghan

As enterprises continue to register Sender Protection Framework records,
hoping to thwart spam and phishing attacks, spammers are upping the ante in
the war on spam and registering their own SPF records.

E-mail security company MX Logic Inc. will report this week that 10 percent
of all spam includes such SPF records, which are used to authenticate IP
addresses of e-mail senders and stop spammers from forging return e-mail
addresses. As a result, enterprises will need to increase their reliance on
a form of white-listing called reputation analysis as a chief method of
blocking spam.

E-mail security appliance developer CipherTrust Inc., of Alpharetta, Ga.,
also last week released a study indicating that spammers are supporting SPF
faster than legitimate e-mail senders, with 38 percent more spam messages
registering SPF records than legitimate e-mail.

The embrace of SPF by spammers means enterprises' adoption of the framework
alone will not stop spam, which developers of the framework have long

Enter reputation analysis. With the technology, authenticated spammers
whose messages get through content filters would have reputation scores
assigned to them based on the messages they send. Only senders with
established reputations would be allowed to send mail to a user's in-box.
Many anti-spam software developers already provide such automated
reputation analysis services. MX Logic announced last week support for such

"There's no question SPF is being deployed by spammers," said Dave
Anderson, CEO of messaging technology developer Sendmail Inc., in
Emeryville, Calif.

"Companies have to stop making decisions about what to filter out and start
making decisions about what to filter in based on who sent it," Anderson

The success of reputation lists in organizations will ultimately depend on
end users' reporting senders as spammers, Anderson said. "In the system
we're building, the end user has the ultimate control," he said.

Scott Chasin, chief technology officer of MX Logic, cautioned that
authentication combined with reputation analysis services still won't be
enough to stop spam. Chasin said anti-spam software vendors need to work
together to form a reputation clearinghouse of good sending IP addresses,
including those that have paid to be accredited as such.

"There is no central clearinghouse at this point to pull all the data that
anti-spam vendors have together," said Chasin in Denver. "We're moving
toward this central clearinghouse but have to get through authentication

R. A. Hettinga <mailto: rah at>
The Internet Bearer Underwriting Corporation <>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

More information about the cypherpunks-legacy mailing list