Considering that both authentication technologies modify current e-mail practices in some way, that’s solid progress, said Craig Spiezle, director of the technology care and safety group at Microsoft and the chairman of Wednesday’s E-mail Authentication Summit.
“This is like the telephone problem–no one wants to have the first one,” said Eric Allman, chief science officer for e-mail server software maker Sendmail.
E-mail authentication does not solve the problem of unsolicited commercial e-mail but provides a tool to end the spoofing of the sender’s address, making the consequences of sending bulk e-mail a reality for spammers. The two major proposals solve the problem in different ways. In fact, early studies of junk mail in 2004 found that nearly a sixth used the Sender Policy Framework, the predecessor to Sender ID, to appear legitimate. However, as more legitimate domains are adopting the technologies, companies are developing reputation systems to evaluate which domains are considered “spammy” and which deliver content that people want in their inboxes.
“Authentication is a really big building block in terms of making a more intelligent determination of what is spam and what is not,” said Ken Schneider, chief archtect for Symantec and former chief technology officer e-mail security provider Brightmail.
http://www.securityfocus.com/news/11388?ref=rss