What you will learn from this chapter excerpt: How Sender ID provides e-mail authentication and helps organizations avoid phishing.
Sender ID provides another authentication method. Microsoft began implementing
Sender ID to protect mailboxes at Hotmail and MSN. Sender ID is a
proposed specification developed within the MARID IETF Working Group
between May and October 2004. Sender ID works by looking at information
both in the "envelope" of the e-mail message and in the message itself.
Thought of as SPF + Caller ID, Sender ID compares that information with
data published by domain owners in the Domain Name System (DNS), to confirm
that the e-mail actually came from the domain that it appears to be from.
For example, recipients could be sure an e-mail from fred@yahoo.com was
actually from someone at the yahoo.com domain.
 |
| E-mail Security School |
| Attend our on-demand E-mail Security School webcasts and learn tactics for securing your e-mail systems while earning CPE credits from (ISC)2. |
|
|
|
|
Sender ID consists of two
parts: the SPF Classic plus PRA, allowing mail recipients to perform two kinds
of checks.
Unfortunately, several major issues arose during the operation of the Sender
ID working group, MTA Authentication for DNS (MARID), which led to its
demise. Technical questions arose as to whether Sender ID would work as
specified. Most of these questions were rooted in the basic differences between
path authentication and message authentication and remain unresolved.
Microsoft also filed for patents on parts of Sender ID, making the developer
community unhappy about the strict licensing and ownership control Microsoft
exerted, such as requiring Sender ID implementers to sign a license agreement
to protect undisclosed and unspecified patents. Although the actual patent
application was eventually published toward the end of the life of MARID, it
came too late.
Another factor in MARID's demise was that eager technology reporters frequently
reported email authentication as the final cure for spam. This created
great expectations for email authentication, which were dashed once the hard
truth settled in that email authentication did not stop spam.
As a result, any useful work of the MARID group slowed to a crawl with the
IETF eventually shutting down the group. Recently AOL has withdrawn its
support and is falling back on Sender Policy Framework (SPF). Evidently AOL
has technical concerns that Sender ID may not be fully backwardly compatible
with the original SPF specification.
E-MAIL AUTHENTICATION
Introduction
The Sender Policy Framework (SPF)
SenderID
DomainKeys
Cisco Identified Internet Mail
|
PHISHING: CUTTING THE IDENTITY THEFT LINE
By Rachael Lininger and Russel Dean Vines
334 pages; $29.99
John Wiley & Sons
Read Chapter 6, Helping your organization avoid phishing
|
|
