What you will learn from this excerpt: How Cisco Identified Internet Mail authenticates e-mail and helps organizations avoid phishing.
Designed to help identify fraudulent e-mail, Cisco Identified Internet Mail (IIM) is the proposed Cisco Systems signature-based e-mail authentication standard. Implementing IIM makes the sending domain more accountable for e-mail originating from its domain and limits the ability of spammers and malware distributors to forge return addresses or disguise the identity of infected systems.
To establish the authenticity of an e-mail message, IIM verifies that the message sender is authorized to send messages using a given e-mail address and that the original message was not altered in any consequential manner. IIM adds two headers to the message format: IIM-Signature and IIM-Verification. It also applies user-defined policies depending on the outcome of the message verification process.
The Sender Policy Framework (SPF)
Cisco Identified Internet Mail
PHISHING: CUTTING THE IDENTITY THEFT LINE|
By Rachael Lininger and Russel Dean Vines
334 pages; $29.99
John Wiley & Sons
Read Chapter 6, Helping your organization avoid phishing
This was first published in May 2005