In association with heise online

29 May 2007, 08:44

Spam countermeasures RFC

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Internet Engineering Task Force (IETF) has published an anti-spam protocol in RFC 4871. It is based on a technology called DomainKeys Identified Mail (DKIM), which the IETF has been discussing since 2005. DKIM was developed from Yahoo's proposal for domain keys and Cisco's proposal for Internet Identified Messages. Other firms involved in development include Sendmail, PGP Corporation, Strongmail, Tumbleweed, and VeriSign.

The technique does not identify senders based on IP addresses, but instead on signatures associated with companies and organizations and provided as new entries in the DNS (_domainkey record). The email system automatically signs messages when sent. The recipient of the email need only compare the signature with that of the sender. The anti-spam system called SpamAssassin 3.2 already supports DKIM functions.

In the process, the system does not study the content of the message, which plays an important role in the categorization of the email as SPAM by classic filters. Recently, SPAM senders have been personalising subject lines, for example, to get past such anti-spam filters.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit