email sender software
SPF/Sender-ID requires changes to DNS and MTAs in order to work. The changes to DNS involve the addition of new records which identify machines authorized to send mail for a specific domain. MTAs (like Sendmail or Postfix) would add new functionality to verify that the email has not been forged; that the address of the person who sent the mail is in fact authorized to send mail for that domain. Of course, it's not nearly so simple as I describe. And some issues are not yet well settled, including which bit of information should be used to identify the sender. The TCP/IP protocol upon which the Internet is based contains the IP address of the machine attempting the mail transfer. That's called the envelope sender address. The email itself also includes a header record indicating who the email is from. It's called the header sender address. Your email client shows you the header sender address when it displays the "From" line of the email. Spammers typically forge the header sender address. That's why the note purportedly from your Aunt Nadine turns out to be about enlarging your manhood instead of the family reunion. There has been much debate along the way over which of the two -- the envelope sender address or the header sender address -- to use for verification. Prior to Microsoft's sandwiching SPF into Sender ID, the choice was to use the envelope header. Now it's the email header. There has also been some quibbling over Microsoft's choice of XML for the new DNS records. Some feel it is akin to HTML email, an aberration that has done much to spread viral infections to the unwary. A darker sin may be that XML is driving the "unspecified patent issue" that is also of much concern. Technically, many of the competing proposals show real promise in putting a dent in the volume of spam. But economics, IP concerns, and not-quite-open standards all threaten to prevent them from ever fulfilling that promise. The economics of spam Hadmut Danisch makes a pertinent observation in his paper on Reverse MX: As has been recently illustrated in the initial session of the IRTF's Anti Spam Research Group (ASRG) on the 56th IETF meeting, sending spam is a business with significant revenues. But a much bigger business is selling anti-spam software. This is a billion dollar market, and it is rapidly growing. Any simple and effective solution against spam would defeat revenues and drive several companies into bankrupt, would make consultants jobless. Therefore, spam is essential for the anti-spam business. If there is no spam, then no Anti-Spam software can be sold, similar to the anti-virus business. There are extremely strong efforts to keep this market growing. Viruses, Worms, and now spam are just perfect to keep this market alive: It is not sufficient to just buy a software. Databases need to be updated continuously, thus making the cash flow continuously. Have a single, simple, and permanent solution to the problem and - boom - this billion dollar market is dead. That's one of the reasons why people are expected to live with spam. They have to live with it to make them buy anti-spam software. Content filters are perfect products to keep this market alive. In this day and age -- in the United States, at least -- commercial interests have great influence with both the legislative and the executive branches of government. To think that the anti-spam industry will sit quietly by and allow their cash cow to be slaughtered without a fight is self-deluding. Neither are the courts necessarily a hostile place for spam artists. A major spammer -- reportedly the second largest in existence -- recently settled a case brought by New York state attorney general Eliot Spitzer for what amounted to a pittance -- $50,000.00 -- compared to the $20,000,000.00 fine that had been threatened. As reported in USA Today: Spitzer spokesman Brad Maione said neither Scott Richter nor OptInRealBig.com admitted any wrongdoing in the settlement. When announcing his suit, Spitzer said special Hotmail e-mail accounts set up by his investigators found thousands of e-mails in May and June 2003 that carried bogus "from" and "subject" lines, often indicating that the messages were part of ongoing conversations instead of being unsolicited commercial come-ons. The spammer's lawyer was quoted in the same article as saying, "The fact (that) the attorney general settled for $50,000 while initially talking about $20 million in damages 'speaks for itself...'"