SMTP Flaws

By Dennis Callaghan  |  Posted 2004-02-12 Print this article Print

While no one wants to replace SMTP, there seems to be little debate that there are flaws in the protocol that need to be fixed. "Spammers spoof a lot," said Mark Wegman, researcher at IBMs T.J. Watson Research Center in Hawthorne, N.Y., describing spammers tactics to forge legitimate e-mail addresses. "They pretend to be various and sundry other people, and SMTP protocols let them do that."
Wegman said SPF would be a step in the right direction, but not a silver bullet that would stop all spam, a point that Wong doesnt dispute.
"[SPF] can certainly make it harder [to send spam], but I dont believe it will solve the problem," said Wegman, who believes virus attacks like MyDoom could still confound even an enhanced SMTP system. IBM Research is currently developing a spam filter that has been nearly 100 percent effective at catching spam, Wegman said. The filter takes into account content, delivery patterns and other factors that Wegman declined to name. It can be set up to support SPF as well, he said. "Even if SPF is just partially adopted, I think it will help us," Wegman said. As for IBM Researchs spam filter project, Wegman cautioned that its only being tested within IBM Research and has yet to be used in a true real-world setting. But its performance so far has been too good for product people at IBMs Lotus Software division to ignore, he said. "The numbers weve been getting are sufficiently encouraging that I think well be listened to," he said. Whether such a technology ever makes it out of the lab remains to be seen. Lotus has to this point relied mainly on partners to provide anti-spam technologies for its Notes/Domino and Workplace products and that strategy wont change for the time being, according to a company spokesman. "We dont want to roll out anything where our partners would say, Wait a minute, this is what Ive been developing for the last two years, now youre including it in the product," said Michael Shamrell, a spokesman for IBMs Lotus division.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel