Version: 2008

Comments on: Antispam spec sets off on path to standard

Yahoo, Cisco and partners have submitted DomainKeys Identified Mail, which helps verify the sender of a message, to a standards body.

Add a Comment (Log in or register) (6 Comments)
  • prev
  • 1
  • next
YAY! ITEF Rocks!
by Bytesmiths July 11, 2005 6:55 PM PDT
Stamp out proprietary, controlled solutions!

Where can I sign up? I get THOUSANDS of spams a week!
Reply to this comment
This is not an abti-spam technology
by hadaso July 12, 2005 2:13 PM PDT
This is not an abti-spam technology. At most it can provide some protection to brand names. Spammers would be able to publish their own keys and authenticate their identity as domain owners, which has nothing to do with being able to tell if they are spammers or not, or to find out who they really are (other than the proud anonymous owners of a domain paid for by a credit card whose real owner has not yet found out was used to pay for a domain...)
YAY! ITEF Rocks!
by Bytesmiths July 11, 2005 6:55 PM PDT
Stamp out proprietary, controlled solutions!

Where can I sign up? I get THOUSANDS of spams a week!
Reply to this comment
This is not an abti-spam technology
by hadaso July 12, 2005 2:13 PM PDT
This is not an abti-spam technology. At most it can provide some protection to brand names. Spammers would be able to publish their own keys and authenticate their identity as domain owners, which has nothing to do with being able to tell if they are spammers or not, or to find out who they really are (other than the proud anonymous owners of a domain paid for by a credit card whose real owner has not yet found out was used to pay for a domain...)
One major disadvantage compared to SPF
by hadaso July 12, 2005 2:19 PM PDT
One major disadvantage compared to SPF is that Domain Keys requires that email headers be received before the sender's address can be authenticated, which is rather late in the process. SPF is better in that as soon as the sender's envelope address is given it can be authenticated, before any part of the message is passed. SenderID suffers from the same disadvantage.

And all of these systems suffer from the basic design, which is trying to authenticate the wrong data: the sender's alleged address. The only part of an email transaction that cannot be forged if the email transaction is to succeed is the recipient envelope address, and this is the data that should be used to authenticate that email received is wanted.
Reply to this comment
One major disadvantage compared to SPF
by hadaso July 12, 2005 2:19 PM PDT
One major disadvantage compared to SPF is that Domain Keys requires that email headers be received before the sender's address can be authenticated, which is rather late in the process. SPF is better in that as soon as the sender's envelope address is given it can be authenticated, before any part of the message is passed. SenderID suffers from the same disadvantage.

And all of these systems suffer from the basic design, which is trying to authenticate the wrong data: the sender's alleged address. The only part of an email transaction that cannot be forged if the email transaction is to succeed is the recipient envelope address, and this is the data that should be used to authenticate that email received is wanted.
Reply to this comment
(6 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET