Results 1 to 2 of 2
Like Tree1Likes
  • 1 Post By roraniel

Thread: DMARC ("Domain-based Message Authentication, Reporting & Conformance") Email Security

  1. #1
    roraniel's Avatar
    roraniel is offline Gold Member
    Join Date
    Oct 2008
    Location
    Pinehurst, NC
    Posts
    860

    Default DMARC ("Domain-based Message Authentication, Reporting & Conformance") Email Security

    My company did some contract work on this last year.

    Google, Microsoft, Yahoo!, PayPal go after phishers with new e-mail authentication effort

    Major e-mail providers, including Google, Microsoft, and Yahoo! are teaming up with PayPal, Facebook, LinkedIn, and more, to implement a new system for authenticating e-mail senders to try to prevent the sending of fradulent spam and phishing messages.



    The protocol that powers e-mail, SMTP, dates back to a more trusting era; a time when the only people who sent you e-mails were people you wanted to send you e-mails. SMTP servers are willing to accept pretty much any e-mail destined for a mailbox they know about (which is, admittedly, an improvement on how things used to be, when they'd accept e-mails even for mailboxes they didn't know about), a fact which spammers and phishers exploit daily.

    Read More Here:
    HappyAndyK likes this.

  2. #2
    DustinH's Avatar
    DustinH is offline Senior Member
    Join Date
    Aug 2008
    Location
    Boardman, OR
    Posts
    243

    Default

    The one thing that I see as a possible negative is that it sends a notification back to the sender, showing that the email address is alive and active. If it works flawlessly, great. But, if the spammer can modify and "beat" the system somehow, they'd get a good list of active email users by using this method. Unless there is a workaround to that.

    I am always assuming things are not foolproof. Things will always be hacked, broken, etc.. It may take some time, but it will. I'm sure it will give an immediate reduction in spam and phishing, which is greatly needed, and I'm hoping that it would be a standard that is constantly being updated and improved instead of SMTP and lasts decades. I love hearing all the new security updates for the Internet infrastructure (Secure-DNS, this, etc.)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22