[ale] anti email-spoofing efforts in practice?

Jeremy T. Bouse jeremy.bouse at undergrid.net
Thu Jul 10 12:36:58 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

	I don't know about others but for my own servers I'm actually utilizing
SPF, DKIM and DK. I know Yahoo and GMail both do verify and honor DKIM &
DK signatures. I haven't bothered in my testing to notice if they
checked SPF or SIDF (which I guess I do use as my spf1 classic policy is
interpreted as SIDF).

	The biggest hurdle I see for all of the policy publishing methods (SPF,
SIDF, DK & DKIM alike) is that they only really work if the receiving
servers check and verify before accepting the email. I think as the
adoption of any of them increases on the receiving end it will begin to
show improvements in forgery prevention.

	The other consideration to take into account is that these only really
help with spoofing/forgery/phishing attempts and not really ideal for
anti-spam. I've actually noticed a growing amount of spam I receive that
actually passes one or more of these verification checks.

	I  had previously feel victim to a "joe job" attack and the backscatter
from it was flooding my mailbox. I actually had to turn one on of my
email addresses off for a period of time to let it die off.

	Regards,
	Jeremy T. Bouse

Greg Freemyer wrote:
> All,
> 
> Of SPF, SIDF, and DKIM what is the best protocal to actually use today
> to authenticate emails?  ie. Which is most widely in actual use by
> random email recipients?
> 
> === Details
> I'm trying to help a client prevent having spoofed emails sent under their name.
> 
> I've found this very informative white paper that describes available
> technologies:
> http://www.maawg.org/about/publishedDocuments/MAAWG_Email_Authentication_Paper.pdf
> 
> (Worth the read if you're interested)
> 
> Basically it describes SPF, SIDF, and DKIM but it does not give any
> real world info, and for each of these protocols you have to have both
> the sender and recipient implement the protocol for it to do anything.
> 
> Greg

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iF0EARECAB0FAkh2OqYWGGhrcDovL3N1YmtleXMucGdwLm5ldAAKCRCagQNPdb5V
OSnzAJ9dcsxevy4u3fGYkbdw6+vThDYx8ACgh2q/kXCKe2hvVRfJnl/bpN+BGSE=
=z2sE
-----END PGP SIGNATURE-----


More information about the Ale mailing list