e-mail tagged as spam
The most widely used mechanism for determining the e-mail server for a specified domain will be the 'MX' (Mail Exchanger) record, which states which server is designated to accept e-mails for your domain. The 'PTR' (Pointer) record instructs the receiver to check the domain name of the sending host through DNS, and to check if this record corresponds with the domain name being checked. If there is a match, the e-mail is from an accepted source, but if there isnâ€™t it's a forgery. 'PTR' records are used in Reverse Lookup zones. Future plans for SPF include mail user agents (MUAs), which we normally think of as e-mail clients such as Outlook or Eudora, to be able to recognize messages that have passed the tests of authentication and reputation/accreditation and mark them or route them to a folder indicating that they are highly likely to be legitimate mail (the opposite of the "junk mail" folder where e-mail clients currently put messages that are likely to be spam). Drawbacks of SPF Once widely adopted, SPF would operate on a email sender "guilty until proven innocent" philosophy in regard to e-mail. The default would be to consider messages that are not authenticated or don't pass the reputation/accreditation test to be spam. The danger in this would be the same as current overly aggressive spam content filters: the likelihood of false positives. Receiving mail you don't want is annoying and can even be costly in terms of time and lost productivity. But not receiving a critical message could cost much more. The 'A' (Host) record allows you to specify that any machine with an address entry in the DNS database which matches your domain is allowed to send e-mail. Since many senders aren't yet supporting authentication, ISPs are unlikely to start blocking non-authenticated email immediately; so much legitimate email would be rejected unfairly. And many ISPs don't do email authentication checks anyway. Despite its usefulness and popularity, e-mail poses a couple of big problems. The system is based on the Simple Mail Transport Protocol (SMTP), which was designed with speedy delivery, rather than security, as its prime objective. In that way, e-mail is modeled on the "snail mail" system. Anyone can drop a letter in a physical mailbox with no return address or false return address information. Likewise, e-mail can be sent with an inaccurate or "spoofed" return address. A major "loophole" in SMTP is its lack of authentication email sender; it is, after all, the Simple Mail Transport Protocol, and at the time it was created, security was much less a concern than it is today and spam and phishing were nonexistent. Thus, there's no mechanism for detecting spoofed header information. A three-pronged solution It's important to note that authentication will not, by itself, stop spam. The best it can do is help stop the falsification of sender information. Spammers can use authentication mechanisms, too. Just because the sender is authenticated, that does not mean the message is one that you want. Spammers can register domains and publish SPF records just like anyone else, and in fact, a number of studies have indicated that spammers are early adopters of the authentication schemes. Thus, authenticating the sender is only the first step in stopping spam and phishing messages. The Aspen Policy Institute came up with the "Accountable Net" framework (also referred to as the Aspen framework in Internet circles) in December 2003. This outlines a community-based approach to verifying identity and fostering accountability on the Internet, based on three factors: * Authentication * Reputation * Accreditation Authentication This last situation, at least, would be helped by widespread use of email sender authentication and blacklists would have more credibility. Accreditation Share a file, part 2. If using file-sharing services or web-based office apps to share a file is against company policy, try this. Most larger companies will have an Intranet site, possibly with employee web pages. You may be able to upload your file to your employee website. Just share the link in email. If your computers are part of the same company network, you probably already know this, but there is usually a common repository, possibly organized by project. If you and your colleague both have the same network permissions, upload your file to the project area and email them the directory path. 57. Share a file, part 3. One alternative that works nicely, provided it is not against company policy, is to use the file-sharing feature of a VoIP (Voice over Internet Protocol) or VoIM (Voice over Instant Messaging) client, such as Skype or Windows Live/ MSN Messenger. If you are in a large company, you might be using a more corporate solution such as Lotus Notes, which, if memory serves, has its own Messenger. 58. Accreditation creates another element of reputation, the whitelist, which contains "known good" senders. SPF: What's it all about? SPF is the most popular sender authentication technology. It was developed as an extension to SMTP in 2003 by a group led by Meng Weng Wong, who founded pobox.com and runs the SPF Web site. It was originally called Sender Permitted From but later morphed into the Sender Policy Framework. The concept grew out of two previous sender authentication proposals: Reverse MX (RMX) and the Designated Mailers Protocol (DMP), and is based on the original ideas of Jim Miller, Paul Vixie and Hadmut Danisch. How SPF works Some possibilities: * If a sender cannot be verified through authentication, then an ISP might consider blocking that email sender or at least adding a few more points to its spam score * Alternatively, the ISP might deliver that email, but tag it somehow as "cannot verify sender" * Or the ISP might deliver unverified email as normal, but mark verified email as "Sender authenticated" You can immediately see how this impacts on email marketing. Email authentication is an important issue for marketers because it affects deliverability directly. And it impacts how your readers perceive your message (through the "verified" and "non-verified" tags). Now, there are lots of ISPs, email providers and senders of email. And authentication requires specific action by both receivers (ISPs and providers) and senders to work. An ISP can only authenticate an email if the sender has taken particular steps to enable the authentication process. A mail transfer agent (MTA) is the mail server software that handles delivery of e-mail messages (for example, Exchange or Sendmail). Under the Sender Policy Framework, owners of e-mail domains authorize specific MTAs (mail servers) to be the designated senders for their domains. They do this by publishing the information in the DNS records in TXT format. You need to publish an SPF record for each domain and subdomain or hostname that has an A or MX record in DNS. You must use the DNS server that hosts your domain on the Internet (rather than a local DNS server) to publish the SPF records. The MAIL FROM command initiates SMTP messages. The return-path address is part of the MAIL FROM command, which is shown in the e-mail headers. SPF compares the client IP address with the SPF record for the domain that's shown in the return-path address to make sure they match. You can view the Internet headers in most e-mail clients, as shown in Figure A. Figure A SPF checks the domain in the return-path address against the client IP address Once the identity of the sender has been authenticated, MTAs can use reputation and accreditation (DNS blacklists and whitelists, or DNSBLs and DNSWLs) to decide whether to block or allow the message. Keep in mind that the information in DNS is available to the public. You might have internal servers that need to send mail from your domain, but you don't want those machines' addresses published in the public records. In that case, the simplest solution is put the servers' addresses in a DNSWL. This list is not available to the public, just to your SMTP server.