The Urgent Need to Implement Authenticated Email
A value proposition for senders, users, and domain holders
By Craig Spiezle
Director, Microsoft Technology Care and Safety; Chair, emailauthentication.org
As an important part of the critical business infrastructure, email enables reliable communication among customers and partners to further global business relations, ecommerce and online banking. Unfortunately, spammers and phishers continue to exploit this infrastructure, creating security risks for users and jeopardizing the brands and domains of businesses worldwide.
Tremendous progress has been made in the fight against spam. Advances in email filtering technologies and continued anti-spam enforcement efforts have made spamming more difficult and, thus, a less rewarding and less profitable business. Still, spammers, and a growing breed of phishers, continue to become more creative and malicious in their attempts to rob users of their security, privacy, and financial assets. These scammers are notorious for exploiting the lack of verifiable identity in email to trick filters, and email recipients, into thinking a message is coming from a legitimate and trusted source.
Fortunately, the industry is making headway through a combination of innovative technologies that provide prescriptive guidance, effective legislation and enforcement, and industry collaboration. One of the most promising efforts to date, one that is already demonstrating real results, is email authentication.
By providing a mechanism by which a sender's identity can be confirmed, these technologies provide valuable input to spam filters and to accreditation and reputation solutions. This helps receiving networks better detect spam, while improving the deliverability of legitimate email.
What's New in Email Authentication?
Over the past 18 months, authenticated mail has evolved significantly from concept to implementation, with two complementary royalty-free approaches: the Sender ID Framework (SIDF) and DomainKeys Identified Mail (DKIM). SIDF is an Internet Protocol (IP)-based solution that was developed from the merger of the Sender Policy Framework (SPF) and Microsoft Caller ID for Email. DKIM is the merger of Yahoo! DomainKeys and Cisco's Identified Internet Mail (IIM) specifications.
Progress
During the past year, the industry has made significant progress in email authentication and other efforts to curb spam and online phishing exploits. Based on a recent analysis by VeriSign and MarkMonitor, approximately 2.5 million domains are now publishing SIDF records, which together account for more than 3 billion emails daily. Combined with DKIM, more than a third of Internet email is already being authenticated. While some spammers were early adopters of these specifications, their known "spamming reputation" allows receiving mail transfer agents (MTAs) and real-time block lists (RBLs) to detect and block them, fulfilling the promise of authentication.
Today, both the Direct Marketing Association (DMA) and the Email Service Provider Coalition (ESPC) require their members to authenticate all outbound email. Partly as a result of this call to action, and in addition to the continued industry collaboration and support for authentication from the Anti-Phishing Working Group, Federal Trade Commission, TRUSTe and other industry stakeholders, over 80 percent of the Fortune 200 companies are now authenticating their outbound marketing email.
Demonstrating industry support and adoption momentum to help meet the needs of businesses of all sizes, over a dozen MTA and anti-spam vendors are currently shipping products that are SIDF- and/or DKIM-enabled. Leading best-of-breed solutions are available today from Barracuda Networks, CipherTrust, Cisco, Cloudmark, ICONIX, IronPort, MailFrontier, Microsoft Exchange, OmniTI, Port25, SKYLIST, Sendmail, StrongMail and Symantec. Results from leading ISPs including AOL and MSN Hotmail, and from commerce and banking sites that have adopted authentication mechanisms, show improved spam detection and enhanced sender reputation scoring, resulting in a reduction in false positive incidents among authenticated email senders.
For additional information on authentication and reputation resources, please visit www.emailauthentication.org, which provides email tools and resources to assist the IT and business communities.