Email Authentication: Dead Or Alive (Depends On Whose Headline You Read)
from the fun-with-headlines dept
About three years ago, it seemed like all of the big online players decided that email authentication was a good strategy for stopping spam. Of course, as happens all too often with these types of things, everyone came up with their own different standard -- meaning that you have a standards battle where not enough people adopt anything. Then, of course, many people felt that any such basic change to email effectively would break existing systems. Over the years, there's been plenty of talk about email authentication -- but it hasn't helped that the most active users of this supposedly "anti-spam" system are the spammers themselves. So, what's the state of email authentication today? Apparently it depends on whose headline you believe. Security Focus has an article today telling us that E-mail authentication gaining steam, while EmailBattles has their own article claiming: State of E-Mail Authentication: SPF Dead, Others on Life Support. Which story you believe probably reflects how much you've invested in one of these authentication techniques.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
- Phishing scams
- Joe Jobs
If you've ever received thousands of bounce back emails because some half wit spammer sent email claiming to be from your address, you'll appreciate why stopping joe jobs is important.
[ link to this | view in thread ]
solutions
1. governments outlaw it and act to enforce the laws.
2. companies launch class action law suits against the commercial spammers for wasting employees' time with unauthorized and unsolicited emails.
3. the rest of us donate to a fund to pay organized crime to hunt down and kill the spammers and phishers.
[ link to this | view in thread ]
RE: solutions
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: solutions
[ link to this | view in thread ]
Glad to see SPF is on the downside
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
These proposals have nothing to do with stopping s
[ link to this | view in thread ]
Re: misconception
If it's a misconception, and I'll certainly grant that it is, then whose fault is it that the misconception exists?
"Spam as a technical is solved by SPF".
That statement was on the home page of the SPF for some time -- it was quietly removed, without a public retraction, a while ago.
Similar statements have been made by the proponents of other schemes. Of course they are: email forgery is at most a minor problem and always has been, so nobody needs or wants to care about it. But spam? Oh, spam is a major problem, so one way to attract a lot of press is to grandly pronounce that The Answer is at hand...even when it's obvious to everyone with any technical clue that anti-forgery technologies (a) have no anti-spam value and (b) are trivial to subvert. [The latter being especially true in a world with an estimated 100M zombies -- since the new masters of those systems have full access to any email authentication credentials possessed by their former owners.]
[ link to this | view in thread ]
Switch to encrypted email by default.
email by default, joe jobs, authentication, and to some degree spam
would be controlled.
Publish your public keys either on your personal web site, in your
signature, in public/private directories.
Snail mail equivalents;
1st Class - Signed/encrypted
2nd-class - Signed
Bulk-Rate - Unsigned / unencrypted.
The more you value your privacy/hate spam the longer your encryption
key. The longer your encryption key, the more processor time it takes
to sign/encrypt email to you. (as a side benefit, the harder for people
to snoop on you). Can anyone speculate on the time/processor power to
send 1 million pieces of email currently vs. encrypting/signing 1 million pieces of email each encrypted with a different 2048bit key?
If you value your privacy/time/bandwidth then either sort by class or
reject (at the local level of course, NOT at the ISP level) certain
classes. Perhaps you only accept 1st class email. Maybe 1st class is
ok, second class gets filtered and bulk rate goes into the 'Junk mail'
folder.
Current problems with this idea, NSA/FBI/CIA etc. Google/Yahoo/AOL etc.
The powers that be like the fact that most email is unsigned
unencrypted plain text.
What's common about the current plans like "DomainKeys Identified Mail".
It's centrally located, the power is with the provider, not with the
individual.
It's still in plain text, so every one knows what you're writing about.
It authenticates the mail server, not the individual. So if I'm at
Alice@aol.com and I send mail pretending I'm from Bob@aol.com, then I
can authentically state that the email from AOL.com actually came from
an account at AOL.com. As email servers consolidate how does that help
you? If your email is processed by Verizon, AOL, Earthlink, you are ok.
If instead it's processed by Local Coop Inc., the ladies auxiliary, the
Free China Society, or heaven forbid, your own server. Well obviously
it doesn't come with the large corporate/government seal of approval,
it MUST be bad/evil/subversive/spam.
Spam works because it doesn't cost the sender near enough, and some
small percentage of people actually bite. We need to increase the cost
of sending thousands of emails without increasing the cost of sending
tens of emails. The cost increase can't be in dollars, because then
only the rich would be able to send email. We can't limit/consolidate
the control of email sending, because then only 'approved' people would
be able to send 'approved' messages. It shouldn't impact the current
infrastructure because then it wouldn't get implemented.
Default encrypted email; local control, authenticates the individual (or
company/origination), increases the cost to Spammers without undually burdening individual emails or non-profits. Keeps your neighbor/the government/corporate interests from reading your email. Requires little if any change to the current email infrastructure.
rick
jilocain0@yahoo.com
[ link to this | view in thread ]
Switch to encrypted email by default.
email by default, joe jobs, authentication, and to some degree spam
would be controlled.
Publish your public keys either on your personal web site, in your
signature, in public/private directories.
Snail mail equivalents;
1st Class - Signed/encrypted
2nd-class - Signed
Bulk-Rate - Unsigned / unencrypted.
The more you value your privacy/hate spam the longer your encryption
key. The longer your encryption key, the more processor time it takes
to sign/encrypt email to you. (as a side benefit, the harder for people
to snoop on you). Can anyone speculate on the time/processor power to
send 1 million pieces of email currently vs. encrypting/signing 1 million pieces of email each encrypted with a different 2048bit key?
If you value your privacy/time/bandwidth then either sort by class or
reject (at the local level of course, NOT at the ISP level) certain
classes. Perhaps you only accept 1st class email. Maybe 1st class is
ok, second class gets filtered and bulk rate goes into the 'Junk mail'
folder.
Current problems with this idea, NSA/FBI/CIA etc. Google/Yahoo/AOL etc.
The powers that be like the fact that most email is unsigned
unencrypted plain text.
What's common about the current plans like "DomainKeys Identified Mail".
It's centrally located, the power is with the provider, not with the
individual.
It's still in plain text, so every one knows what you're writing about.
It authenticates the mail server, not the individual. So if I'm at
Alice@aol.com and I send mail pretending I'm from Bob@aol.com, then I
can authentically state that the email from AOL.com actually came from
an account at AOL.com. As email servers consolidate how does that help
you? If your email is processed by Verizon, AOL, Earthlink, you are ok.
If instead it's processed by Local Coop Inc., the ladies auxiliary, the
Free China Society, or heaven forbid, your own server. Well obviously
it doesn't come with the large corporate/government seal of approval,
it MUST be bad/evil/subversive/spam.
Spam works because it doesn't cost the sender near enough, and some
small percentage of people actually bite. We need to increase the cost
of sending thousands of emails without increasing the cost of sending
tens of emails. The cost increase can't be in dollars, because then
only the rich would be able to send email. We can't limit/consolidate
the control of email sending, because then only 'approved' people would
be able to send 'approved' messages. It shouldn't impact the current
infrastructure because then it wouldn't get implemented.
Default encrypted email; local control, authenticates the individual (or
company/origination), increases the cost to Spammers without undually burdening individual emails or non-profits. Keeps your neighbor/the government/corporate interests from reading your email. Requires little if any change to the current email infrastructure.
rick
jilocain0@yahoo.com
[ link to this | view in thread ]
Encryption is mostly useless, for at least three r
First reason: spammers have access to (essentially) unlimited CPU resources. (See "100M zombies" above.) Attempting to slow them down by imposing computational burdens on them is a guaranteed-losing strategy.
Second reason: suppose such a scheme was widely deployed. Spammers could merely "harvest" the private keys used/stored on any of those 100M systems and then not only spam, but create considerable damage, by sending it signed not as themselves, but as the users in question.
Third reason: suppose such a scheme was widely deployed. How can a receiving MTA verify that an incoming message was correctly encrypted? Answer: it can't. It doesn't possess the private key. It has to deliver it to the user's mailbox, where it will subsequently be retrieved via POP or IMAP, so that something running in the user's MUA -- and which knows the user's private key -- can vet the message. Which means that most of the damage has already been done: bandwidth, CPU and disk have already been wasted accepting, processing, and storing a message which turns out to be spam.
There's more, but the bottom line is that encryption is not any kind of an answer to the spam problem because the spam problem is NOT an authentication problem.
[ link to this | view in thread ]
multiple email needs is where it's at
[ link to this | view in thread ]
What we have here...
What those of you advocating various cryptographic measures continue to miss is that an attacker is in COMPLETE control of an end-user's system -- and thus able to, oh, install a keystroke logger for example -- and transparently forge anything they like.
As a result, all your proposed solutions based on cryptography are completely worthless. Until, that is, all of those 100M plus systems out there that are already in a known-compromised state are rebuilt from original distribution media AND kept from being compromised again.
Good luck with that.
The sad truth is that in 2006, a large chunk of the spam problem reduces to a Windows security problem, and that is not a problem for which there is any known solution -- other than "format:c" following by a re-install (which, BTW, is now the recommended solution from the vendor).
Nothing short of that will do. Yet it is seldom done. And even when it is, the effect is often temporary.
For further reading, please consult You might be an anti-spam kook if... which enumerates any number of known-failed (yet frequently proposed) approaches to "solving" the spam problem. If you are not fully acquainted with that entire list and able to explain in detail why all of those approaches are utterly doomed, then you will most certainly not be capable of coming up with any ideas that have the slightest chance of success.
[ link to this | view in thread ]
Hello,
I am Bar Nelson Dominic
A Canadian Attorney based in Manchester, United Kingdom and the personal attorney to Late Mr. Mark Michelle a citizen of France. Late Mr. Mark Michelle was a private oil consultant/ contractor with the Shell Petroleum Development Company in Saudi Arabia before his death, hereinafter shall be referred to as my client.Unfortunate, my client with his wife and three children lost their life in plane clash in 2003. My several attempts to locate any of his relatives as directed by his Bank became void. I had make enquires with his country Embassy and non of his relatives have been traced. It
may interest you to know that my client died "in testate". PROPOSITION: I decided to contact you purely on the personal conviction of trust and confidence that we can co-operate with each other and do a very lucrative business for our mutual benefit. I want you to give me the needed assistance by allowing me to present you as the next of kin to the deceased and the beneficiary to his estate. The deceased had a deposit valued presently at (GBP 45,800,000.00) and his Bank has issued me a notice to provide his next of kin or beneficiary by will, otherwise the account would be confiscated. Already, i have marked out modalities for achieving my aim of appointing a next of kin as well as transfer the money out of this country, for us to share the money in the ratio of 53% for me and 35% to you, The 2% of the fund will serve as
reimbursement of expenses both local and international any of us will make in the course of this transaction. While we shall collectively donate the remaining balance of 10% to Tsunami Relief Organizations. It is my intention to achieve this transfer in a legitimate way, all I required is your honest co-operation, and confidentiality and trust to enable us see this transaction through. This is a very legal business that I am very sure of its success and is absolutely risk free. If this proposal is acceptable to you, kindly email following information’s to me;
1. Private telephone number and fax number.
2. Your residential address.
3. Identification / occupation.
Further details await you upon a positive response from you
Yours faithfully,
Bar Nelson Dominic
[ link to this | view in thread ]
Hello,
I am Bar Nelson Dominic
A Canadian Attorney based in Manchester, United Kingdom and the personal attorney to Late Mr. Mark Michelle a citizen of France. Late Mr. Mark Michelle was a private oil consultant/ contractor with the Shell Petroleum Development Company in Saudi Arabia before his death, hereinafter shall be referred to as my client.Unfortunate, my client with his wife and three children lost their life in plane clash in 2003. My several attempts to locate any of his relatives as directed by his Bank became void. I had make enquires with his country Embassy and non of his relatives have been traced. It
may interest you to know that my client died "in testate". PROPOSITION: I decided to contact you purely on the personal conviction of trust and confidence that we can co-operate with each other and do a very lucrative business for our mutual benefit. I want you to give me the needed assistance by allowing me to present you as the next of kin to the deceased and the beneficiary to his estate. The deceased had a deposit valued presently at (GBP 45,800,000.00) and his Bank has issued me a notice to provide his next of kin or beneficiary by will, otherwise the account would be confiscated. Already, i have marked out modalities for achieving my aim of appointing a next of kin as well as transfer the money out of this country, for us to share the money in the ratio of 53% for me and 35% to you, The 2% of the fund will serve as
reimbursement of expenses both local and international any of us will make in the course of this transaction. While we shall collectively donate the remaining balance of 10% to Tsunami Relief Organizations. It is my intention to achieve this transfer in a legitimate way, all I required is your honest co-operation, and confidentiality and trust to enable us see this transaction through. This is a very legal business that I am very sure of its success and is absolutely risk free. If this proposal is acceptable to you, kindly email following information’s to me;
1. Private telephone number and fax number.
2. Your residential address.
3. Identification / occupation.
Further details await you upon a positive response from you
Yours faithfully,
Bar Nelson Dominic
[ link to this | view in thread ]