Daily Spin: The Very BEST Way to Get Rid of Spam

Hint: it's not [just] a spam filter. Our reviewer Christopher Beers examined three ways to authenticate users that could possibly replace -- or, more to the point, enhance -- today's

February 22, 2006

5 Min Read
Network Computing logo

From the Labs

The Very BEST Way to Get Rid of Spam

We all live with spam these days, and most of us live with spam filters too. Whether you find spam filters a bane or a boon probably depends on how many false positives they turn up. Network Computing tested spam filters last year (Review: Spam Filters ) and found them effective for taking a bite out of spam. But we were left feeling that mere spam filters come up a bit short.

So we sent reviewer Christopher Beers back into the lab to take the next step and examine e-mail authentication techniques. The short story is this: if you can accurately identify who has sent you an e-mail, it's much more likely that the e-mail is legitimate. In particular, such techniques make it harder for spammers to fake a "from" address or use a malware-infected PC to send out bulk spam.

Overall, we looked at three e-mail authentication techniques in quite a bit of detail. Here's a crib sheet to help sort through our findings:

Sender Policy Framework, or SPF

SPF records, specially crafted DNS TXT records, tell other e-mail servers which mail servers you allow outbound e-mail from SPF records also contain a confidence level that helps the receiving e-mail system determine authenticity.

The Verdict: The specification's ease of deployment will let everyone publish SPF records quickly, and its record checking is supported by just about every e-mail server vendor.

Sender IDSender ID, a backward-compatible extension to SPF, is a sender-authentication scheme backed by Microsoft and in use for Hotmail and MSN services. These services display Sender ID results in their Web mail interfaces.

The Verdict: Sender ID is easy to implement and provision on both the sending and receiving sides. But it's surrounded by licensing controversy that's slowing its uptake by other vendors.

Domain Keys Identified Mail, or DKIM.

The DKIM sender-authentication approach is to sign outbound messages with a private key. Receiving e-mail servers can validate that the e-mail originated from a known source using public keys available in DNS, and they also can validate the integrity of the message--a capability SPF and Sender ID lack.The Verdict: DKIM has value, but its complex configuration requires significant changes to both inbound and outbound e-mail software and imposes a serious performance penalty on DNS traffic between sites.

So which approach is best? Read the full story to get the details, but according to our reviewer, SPF comes out on top.

Read the full story:

Review: E-mail Authentication Techniques

NWC Voices

Hello, I'm Batman

As we've seen, one way to combat spam is through better identity authentication. But identity issues can be tricky.

Or so says NWC's Lori MacVittie, who in today's featured blog post rails against the Violence Against Women and Department of Justice Reauthorization Act, which makes it a federal crime to "annoy" another person on the Internet without disclosing your "true" identity.

Lori finds plenty of fault with this overly-vague act, including:

Read Lori's full blog post here:

Hello, I'm Batman

NWC's Take on the News

Here's what we think of today's breaking news. Read the story and leave your own comment. Let's see if we agree ; >

More Than Half Receive At Least One Phish Daily According to a survey of 600 business users, 58 percent reported seeing one or more phishing mails in their inboxes daily.

NWC's Take:Why are phishing e-mails so prevalent? Because they work. Just assume that no legitimate business will e-mail you out of the blue and you'll be a lot better off.

Microsoft Slams Security Firm's Bounty For Windows Flaws

Microsoft blasts a security company's recent offer of $10,000 to someone who discovers a Windows flaw that leads to a critical fix.

NWC's Take:The ethics of security reporting are always a touchy subject, but the best policy may be no harm, no foul -- and get the flaws fixed as soon as possible.

Vista Versions May Number 8 Microsoft drops additional clues that the next-generation operating system will come in even more flavors than the current Windows XP.

NWC's Take:Latest SKU-leak -- pulled as soon as it was made public -- shows six versions of the next Microsoft OS.

Chicago Plans To Join Wi-Fi Party With Citywide Network The Windy City is preparing to become the Wi-Fi City.

NWC's Take:Chicago joins Philly and San Fran (Google) as big-time cities pursuing widespread Wi-Fi.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights