|
|
|
Yahoo Proposes Anti-Spam Standard For Internet
By: Larry Seltzer
2004-01-12
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Yahoo Proposes Anti-Spam Standard For Internet (
Page 1 of 3 ) Yahoo's domain authentication proposal is intriguing, both in its conservative approach and in the company's considerable clout and credibility. But any system that proposes to change all the e-mail servers on the Internet faces an uphill climb at best. BWhen it comes to proposed technical solutions to spam, Im a pessimist in general and confirmed skeptic at heart. Such proposals, in their attempts to make spamming impossible, invariably force everyone to change all their mailing software, dooming any practical prospects of the plan.
However, "invariably" could be too strong a word. For example, Yahoo, which claims to be the largest mail provider in the U.S., recently proposed a domain-level authentication system to combat spam. Whats interesting here is its conscious attempt not to overreach. The company is still being circumspect in releasing details of its "Domain Keys" system publicly because the proposal is still being formulated, but officials did share the substance of the plan.
What would SMTP authentication accomplish? It wouldnt, in and of itself, prevent someone from spamming. What it would do is allow spammers to be identified and effectively blacklisted.
Authentication systems usually involve digital certificates, perhaps even for each user. For e-mail the sender might sign each message with his or her private key, and after looking up the senders public key in some publicly-available system, usually a certificate authority, the recipient could confirm that the message was in fact signed by the person claiming to be the sender.
Yahoos Domain Keys proposal has two interesting innovations that make it different and intriguing: First, authentication is only performed on a domain level, not the user level.
For example, in a world running the Domain Keys system if you get a message from wacka-wacka@hotmail.com, you could confirm that it really did come from hotmail.com. Thats well and good in the case of Hotmail, since its safe to assume that Hotmail has enough internal authentication that the sending user really was wacka-wacka.
But what about a message from igor@fraunkensteen.com? You may be able to confirm that it really came from fraunkensteen.com, but did it really come from igor? This actually could be an issue if mail.fraunkensteen.com isnt very picky about who it accepts SMTP connections from. Some have suggested that spammers could simply move to a series of new, cheap throwaway domains as old ones become blacklisted. This is a reasonable concern, but Im not sure how serious it is.
The other interesting innovation with Yahoos plan is that no fancy and expensive certificate authorities are involved. Instead, the domains public key is stored in DNS, where everyone can get at it fairly easily to check signatures.
Domain Keys would also present a problem to users (like me) who use a From: address with a domain different that the one for the SMTP server sending the message. Because the From: address is the most obvious spot to check for domain authentication, its the one used by Domain Keys (at least in the initial proposal) for recipients to check.
Certainly, I agree that if you have to pick one address to check, From: is the only one to pick. Still, many users have From: addresses with a different domain than their SMTP server. Domain Keys would cause problems, at least in the short term, for folks that travels and for users in Internet cafes. No doubt it would burden administrators who will have to make sure that client systems are using the right SMTP server to correspond to their From: address, something that doesnt matter now.
Next page: Squishing Worms...
|
|
�������x}r۸j�gd1E�)%r�x2[*$)l+s%ϭ}}�/I%drƩ$�4Fwh4�y s[�kB.lmn$?~g^�Bkg͛2{C\Q##trDMs�� ib��Su\��6 \�Yy+wx;`KQ;Q-�eT7&S)� \�2=�ۦ1η(\
3�ci�g"�m�uߊ
k�9F.k�
:VT6�߉+�QR�"�R1��AuujAC'$�/@Bݣ�>�ZS7B-�僒,
$!�jZ츆#@K�SzaR,J�H,GD|6t.�nC�㳣n�;lL,!b&@�U$�\�^3��UӓKION{{#)|.g#]@qgsjҿ:ރ
�mv
��f&]��,��Rm�l^��;$�OzǃW�2ǣ1 xS:�œ lpqN����(-�S�;93}`�qp-> "�揂�+Y|-G�y>�M'�Ȍa�P6��4]r�vxF����Xݴh7|��3W���͍f��p-�@hf�@L��&&H�k~�$�UlmAٌ�2w2ڕ>�g8e���>qe,A]�fd}N9}W$)N��!F\r�Ҵ �gQ%-�>�
#��!8Q$bz3px@Wm}rNڊQSr}gaO�.}&N{sBW~�.:~}�8%gk�,$]zr8c\�T6W�Z R�w�@rQAQj��1�q:SZT["h� bXtP279�lBM4)3Y9
>5c>k�ˊ}
X�GxP�e��uHy{\ZgS�4@!�
&m/z![ | R�P{7f4s�DR#u�v=h�*2l�lx�Xd�(4tP\�so0�@[3hW�%YӼ�}$��4/j��O`\@3�pp�Zi;90CY}*sO�hgx���V�TF *��\Չ�tp�0x zOx�uR�MY��MPԤv���B��B
!\��0 o��Ȗ�(f�r\�T<��ʦ�\� ��+J�h&�ȗМWKKLAsf(Ӕ4{~RUub'�FNH�!l�"W�(@W)ilI˷�Y+fҏb5y_Fo:�>2Ku�PU�IL؋S�,�SZk}:*+�_)
E�$.�6@A\Z3,C��%W_.1^�aܵ(��жC�|1Ŷ��f,t_mo
m4�Yk�ثh5t�d
�xA��qF�F ��]
咊|t
ku=��mO�ʽOnO�>`r��.�G1�`;SۋppP)S4
Q!��fb:h]����^=��@' �M��݅CсU|qhc(pp0vVׅ=-�΅ߌ8�ͧם�a�i+h��@k��TrJC�mP�dž xHC{Wq=�1_ 0iTW+RXP~�2��;".EX PX́6mJemӴ�'ݢ3b-Hv�i�+°>v9ScI8�@��BN�+�+U%-�aݮ֜*
��k�|o` 2t�3G�/6n::��i�4Q.IR5F� qL] zSq){ݧH�+ڸ��)ҧpFL`^V
�.^@>+#��Q�K��K'"^cE�c��YFV^J�o3B�Z�+oA`R
,G$]4u�7͏�P)h�W9d{�*�'HV/��ؐb(�k�ofP�&9ͽ�)�3ǡ=��S�翂3u�
3uhhͶ6gt0otv8:�Oͦ[PM�5㒏�S)%�*#�1��Tհ�dxTf<*8���|��S�ҬXA3\]�Fؘ/Q*n'?ZT!IC�8�D
ƨ'=.�r@|��7Fd$S*GH51RG"'{@�nuI.�-�+*,n
{Y�0
���AC5"h�Q�G
J�(IܷOt���9]i>O�Z!ӁP~-6u4w=X\�� QB|S?*ڔ%0S.�Yj�R_Ie�7k}h��#R4@
*��8l
|BuI�}tp�@l%R)nN
7��\=Gm@�T|4S(O;[VMW07>�sm&�o^�{Xū�7cӞk�r dZp|b�vre)(OmИY#7C:۸q:&C16�j` |,Wb=i�TuYdp³'�HiϸZoZ9�e>'A�
G�"*X�$t+��W�U�?s7кEM{�t�s�
�g@5gcC�:�ZNL&�|p �TnV#z'ثD>g;eX?w/$*L3�1㪧T�u@\ �)2�'*sW�ߩ3y>�FREihG�2dY�r�HU�u{\qe�'ucSL.
^��/$RQr+Ձ5ƀ$OMyV֪m/\�X�zP@~���%r+�"Gg*�ioȧur-P�D#���ȕO�?2:iSTʵRXbGy�V;wR�n=QV�VhWZd&}c
n.�9]�F�4˷:S�/Ճ�l1g\NSFT=^C4K37=oXC�%BS�Nnqk�ۗ)YxBM�XLh;~�X^�5dX�$@Qhz+�AQN�r^�gቛ@�'�g?�m�`:Ghb2)dnS==T�MOu
'x;�?vs~a̡
3Ir|$T˲\�.�*jÎwBmL4#u�(L>)W�>Q]H�P?�3m
^JA
F<�2�w6P`#D>׳~#@�̫HX^p�CV;L
r?�a�{I�9^vx#x�/`GHF><1P:��Ӿ��@>m48�`[&I:=+��k쇠ҝ�+vHN��)o/5#�^rft,ǩ�m{r��qdQUFj7ڇSΚc�^aY+�,$20
��ju}`@�$58�l�5@%��kNFtW`�{k�x
��o���|�%a_RBpI"Qґ��hIwfDGė&G1��_�o�[N�o˘I;Dy_q-��=�?z]��'t?>!���)�>T8|ac칏N
sj�e(n2�x �A\$}\��i�RJ"g�8N%;�o)>mZ|b=sp�Rش���
�)\~�(I[MKU�2pF
9%RNȔ&�J8��z6R\&Iq^O�e1�i�e2ʒ�2~q'j'�ۡH
IOɂڗ#�dž5>Թ8�/T/^ߺn,D2z�\~t)JZA "N| Jc|
a=n���'e.>baQBhI�ҧ�+y9.EY-Ҭ
ɏ�xi�� �a�!���]9$gA\A>;Z<8 tw7�k�v`Ѱvp�؆���C,B�s;�Y��.�'zClv~OmoIURC�Z,ȄZT)A�0n�gx;K�R>Px$��T@�tx�wq+ K(]s;�?Jn�<<�� 75[a���.E?=S���!'=r�sMڗ�g Q�W�}JG(��S\F�ݽ1e{a.P]Qz AErgL�v�|b\0Э7_^)-d�*[8K(�dZv-LT�fF��0zNلK�.H
Ţ\{57�=o5X��s
e_r;d���'^�D>ם�PDʛq�+��J]w�Vww{T��c7^�x�<@0�k)7
]kw}_L}�7K;k3OS+ZS˳%p>�V��X#Nv�Ո,:
DghM�~��L44�U*d5ϗs]q8R��6PSt�
b-p�ghxc{("zA`ܙa,Wa�tevHU��Q.=J}-UJK�hgm#7S"��ϩb3'HH�MxmYju(VtA:L1Lr1|��zS�j;0`�tX�ZL�ѭ|%�GN�/�1o�ڌ
�ĐTQ�3O!؉Ho4-dGȴ4c�r?Lt�-5K�÷"$g@M^ ā EX-H?Ɵg}H�fn�z-E^�40!5�Ӡ.�c�a,ZCrdU!?R�ڥ�u�:��S��l3]0�(��rЀҡVC?50r:S7'KEt��/�2Vq�ۼ,ע]rE��i$eCV/?�݃%W9�- ���q`jrp�wRΑɥ92xYLsdq(*{,�X蔲Y��
�
,|1c
�Gi(?��
߂cMp(K�\M
�]ĆU.�7�g�Զ�CppmAj"v&��A7)h��oJAWEg،]j�ԋz|�'�˻(�51V @Y<$T`�>+Y|ҰЫeaDE= [�(ޭpj*s�0ܶ�(3ᆞћ�A0:�3;]V�A$L�2 L�2A�&�42"�Cދ$CR&CH
DLVn:|k�,H�,�e�D�I�aM8>ˮ'\ھpa�,@;Y|#�`�G��H�[`#�vam
)�NG�",�&�:��p)w:0%�}F7M?w�XUJ� Ӎp�� ��e7z4 N9D7/�wiέ@DS~qOTo��b3$*GrP(�ZۢG�^�Ͳ��_y�
u&X�Pa)!V�D�&S6%lH��u�tl�簿I�X
''ĂN^�AlJ�C��ś5L�>:�!H�a-չ}{S&ug
{8놔 �%|u881<�a'\*�%\�A@<\�0
WbmN��L�E@ �v%�A@�ڋY�û��B3A٭b!0i-đ[`z�
�<*�]xma7�I{X_ �B�E48iʥо�A�:�Ll677�Aׄ΅bBQ8W�B���X"F�}�N+#q�ԀqMK|vn7m�( NJNa�0�ð@ tATr`2h#�ppx�
o�
��gc#D�hm]dCRy1\'\8 ���6
1B8tv&�=_sS;�AXc)�"�N73OrlӻJ�47c6rI+pf�c��%D��bp!����mP5ln�'�,Pk'أ@lt
���7��=�]LzJK6~;�C�{<�8
t�EP9�v}.��$!�|3Ll�ز]0��O
��-t4[h9�}6|4�S:6(��@��
!l"��i[|}[]�����P
o�hCWXHʐ0A /WJCY��hk\֪ 6Fp8�۰>\m��v�\��!6<'Vy+�;z��26ZVz;fplG1Ϳ䦥o +foⲏx�![znU�`xԀ���s�uvhŻ{`�$b35T�>>ț�s{
�0I%�P�뀿ٱ�ڇXR�4��w1˲س@[ ۵JcX�rfy9�Ј�'ƝG'CMA$`hRQi#R8�QP
Ʊ5Ll�La!�g5skX�H F�@=L+1<">8\AOQ\襭%:m+>ؔ�sg�ڮ�I-vj��7�K~v��5#WWַ-
�
',ԵMs9[�pOⷚ&;mR�ω|Vd���(�H,$qG!^�\[)*(Z�^+wb�14q*zo�>#F7�}/�X:7Ō�Y+|�)�՜\j&E;�Y���@1�C1z�#�E��uR�ﮊCP)!!�O_��doN �>@)2A�[�AFo�C�u&/.F[{O{yɴO~XeHa'Oh,X~㇝ƑWT�#C��]J� �Dc<>��"�G@ ���KB~�j*Asΐu-VW�pi䏥D'n
qI2�u,BwΉ`��" Ⱦ,�T'`*4u㇝z };S�k�qު��P4
W]���Rb��a7��JJd��D�9�q}MNy9'^ � 0JA��\G�B�8�NXRߘDJP`
a/`8Ă|CSxIIތxJ׃@A}NGyѰ��*Micl��u5頸s\�$V{ ]IQxy��[)O
_w�skDx1m8�t�tN�f�\��
/x��R!V
JGj�s>B�hu\3UEՈG+W�z0m�z^EL[W�ܗTc]8_1�=o7ݛ�B gnuZ
Gbݮ{�NYWEE8%v�b
1K^
�#���@VA'D�07-3lrI;�NRuuu�
Dc�f�E"%MZ�~�rI�zYo�P|]jr\�yge`���xz�
誡43?b)_6b~9
K��9z�l�'vu&F�&#ZKi)B��]�;=N\2E��t'G^*Z�}#PjN�TMO0Y\XC3�X�R>u)m~G#h-Ã+wlU:^jl%vEܶ5u�j}G�"k2`%W0�OCf�ld[\#=hxs���&Ԋ�#m�gA�\[#w�{:�Ԥ�7?<�N��9Cꄇ�
mjky8֙Ir# -@�٧e\��b�+{C�Aq:7�v\vnsG��@F.6� ;�<�3ߍ�T�>:4xz`�ĤM�!/@va^
s�%x$ûG�v7�]FGwe
M隲1cBG)��"�fHVmvn>\_����}��bUT-�1.(k��Q(px�~S&I?
,i5��n�!�Clz}3v$��u�"*3c9�K5tFNA,6��5芼�Ƴ'z+?.Q5�,�[b{Gǩ9f:�
|W�ԡ7@p�Bh�4Q8&�H�� n$�H)�kPhP؞b?0mH�ԏM)As�a�fmnb(Om���V�eb��s�-8i)4H<�1�Y
[yС5�NG͚$#ۛ�)�S?��/�ۺ9�Pq.1$Tj�'&c��\�4�_ �x��qwpTWX;SCDď1���K1c�T/֤J%P�~�J%6gp�a)�kqXv'*cYͬ�VF"]�Ҙ\I
\D+^@���3�
ycl})�zu0U!hV39]69tHQ{5.Qw砰5m��ZOUsz'{WO :5\0Qky2_�
^�9l_t2q(gʃ[�&daYİ/Y3�$xC_�1�T�e> �L,ae=DC�3:ۚ��ǨLOA~؊rm8�GOs:陎EoCm-CtSW}=�Z�k�-�!1inLc�ttO!v.;VRR�_�,ߋ�^�~.2s��E�}^�}^d'eF/?A3H?H�##�/2a|/3�2.a.3Ư�e�!z _z�
*>UFk�C�C���
2o+�c�}}OYпO���HJ�ɠ�&��u1�Az;Wpz~=29HZG�R*_�~J%iF�gȳ���+V/^sk3U_?߫QފLH�{u;+UL0L
g-�/Y;�&Uq%M��ؐ+G{2Th�
k[�yH�\*�է�٘}�@�6_y#u/'agFW�W��kyq=nIb2-XѦ�^5_9晳=UЌ+&E�"z
^Q^Ud6̃&1_u��4d5a;H_=�hĽ+L����߃�|�e�nC�7�=VB�n�}O~�T|u��ߴO\�pg?:/�ݙgVZѵC5Afп~�%cB$)M\L~�=4;tu1zlKk E,�iiVRp`�PM]qc!9��ڎx�@�&�7�J�,�vW�; �SFЫ.A�^AeϽys�FTZ]LA݆'�6UUD-՟�:1{�1
dȣ�HC50p9+hkw ޠ���{ԑ=�z<8Q�N+q�q|G�j0;�}�A]�WC.ӡ�ί(ʹV̷0=6��^q؝Vmt�B�-\EgZ�v�6_�Ơk4�%ᠷb5u*�=Tu�D�j�]<6�Rx3]堭!�HL;c@ahmDǓ{8�3�v{ZN\*kkp#6$�R��~rm@%9 ?~Aq2!�*&Nϖ=[;�U�5u;L]"ϿT��#��l}߉�})ћ�]x��E�GN,R�+0D�P~Zg[!0MHkfAl!п�|nX�zE]��CM�59D���'dxϒW.]o{4�*�)y3%Ie�`'w�Gy �0[l'F/ޞ)gA�M�,K� e�L
��LĞP�[ =6�ߜbs7n�9��DŽf��ÄH
r$#b[MA�%nԶP#dwH6�98��1``�c�l�4n �ZyLN_�J�,�v;
s#k_4ҳe�>�v
ǯ-(G4�yJ,\i�nR;6E�i#�|��@ }H
oZЩj5`Y�+@H�W���1J/*ZF#$Wd+-ԭ(=�?��hOA 1?c}m�n�1Դa#�<ö�TMK��eѩi�yҷmTq5\7gؖ#<�
HaT��xq;5�h_O�@�>���Z~��51ǸK���1F`�mŶ��Rɸ{m� �e�PC�lk=\+�K1͍I�aڡ^d++)ؐ�Wr���k:T ��;cXJ�4�o�;��Ч�U|-\la�};E]\٦.�Lo�"?(��T�,DdZUl�ZT�(�75{�S�wF����>A�aXqO]> @;�&��ƇXW��54�eNp0�w
X�B��L+[@OP��Qi�::l�� 4$݈ҢZ��"�̎�؊Wfr�m�ucs
)�:PMُl��݄rE<:i3kq3~k��WH���=�3�SB/}A,8bs*t_fx�7[Nќ|�biMXT�dE�Bt�ضo
}�WUo�
CM?Nqw� �t7�#җ o@,�P�6f�ZƷ_�>N`y@,Kr�ބc��/
NVKa�9��*Ҡv}TmdeĿu{b@b/H#,Zo5a:Ql8F9Vi�Ok1�$[Ȩ~xHdH}�\M(wԁ!&JaFP�p_x`�j8Fc�V &@�ݭ�*Ht�քbS8xC��8�ՠs>�Ƀ5#EdaOWy�>_Ig
J� #s�G"�5bn�C=[ 4��Ƃ��܈D �>e����K
:cJ�Be|ޚF'�!xi[BX�R8oRфI�- '`M~�i�֎/=mMq5��L�MnҖo4Pѕ�~J|,q}˴@@i[!K+~$ `W{4�Qd�@���� ^�W�鍊<ʸ@)b3gq?�,7�c7��=ѹ`
tb#̳z.W�-�tT3npL4s?Y8'�*\6I�1Zp
xR<0Z)qVZq��W�ZԈZo7�F]Ñ�s)E3D�y|8�ޗf\4�V@jr�$XW!��� nf�Me�kw0g`P�mcfaMsk*0̆uG!5ey�֨�)ۗW�IܮKf>JPcM��ڂ0h}�|>1@��-�N{�}=|q)#Y� X#*9�5�z�},�+
SuQMlp&w>L(;NG�{�/O Dq#]t (%+4U{>�[��Vom�\1 �
9,D�V>C3�¢\k%$2o5XcL��!�mɁT0:BjLZv�=Gan:�mT,-Imr!nw!ƽS3+31� ; ?('�� ^:|+"
́E4P�Edk�{M">��
|
Network Security & Hardware 
