Spam Tools Take on Anti-Fraud Chores

Anti-spam tools are evolving to combat phishing and pharming, even as sender authentication initiatives appear stalled.

Even as some e-mail sender authentication schemes appeared stalled by implementation problems, participants at Inbox, the pre-eminent e-mail confab held earlier this month in San Jose, Calif., discussed server-to-server message authentication mechanisms and focused discussions on ways to combat phishing.

Less high-profile, but just as important to IT managers—especially in light of regulatory requirements—are e-mail storage and archiving technologies, which were also explored at the conference. The first principle of e-mail storage—that junk e-mail should be stopped at the perimeter before it is delivered to in-boxes—hasnt changed. But figuring out the best place to store delivered e-mail remains an open question at many organizations.

One bright spot at a conference dominated by messages of doom and gloom came from Bank of America. The banks report on its implementation of SPF (Sender Policy Framework) was good news because it shows that a large financial institution has started taking steps toward trying to stop the growing threats of phishing and pharming. Because these schemes can cost businesses vast amounts of money, not to mention their potential to erode customer confidence, other companies will no doubt be joining the fight.

The next step will be using authentication to build reputation.

Just prior to the conference, Bank of America announced SiteKey, a new Web site authentication service. The service, which is scheduled for phased release starting this month, aims to make it easier for users to know when they are really using Bank of Americas Web sites and thereby avoid being taken in by phishing scams.

/zimages/1/28571.gifClick here to read more about Bank of Americas use of SPF and SiteKey to stop phishing and pharmers.

Two similar server-to-server message authorization and authentication standards are about to join forces. Announced at Inbox, the newly minted DKIM (DomainKeys Identified Mail) is the result of Yahoo Inc. merging its DomainKeys with Cisco Systems Inc.s Identified Internet Mail. DKIM, which has been submitted to the Internet Engineering Task Force, uses public-key cryptography and DNS (Domain Name System) infrastructure, along with upgraded e-mail MTA (Message Transfer Agent) servers, to strengthen e-mail message authenticity.

Yahoos DomainKeys and Ciscos Identified Internet Mail are conceptually similar, according to Miles Libbey, anti-spam product manager at Yahoo.

"The technology is available today, and while there will be slight tweaks to the specification as DomainKeys evolves to DKIM, the core technology pieces that enterprises can put in place will be the same from DomainKeys today to DKIM tomorrow," said Libbey.

Next page: No-spam, no-phish diet.