Anti-Spam Alliance Makes Authentication Push

  |  June 22, 2004   |  Comments

An anti-spam alliance including the Big Four ISPs Tuesday issues spam-fighting recommendations focusing on best practices and authentication.

An anti-spam alliance including Yahoo, Microsoft, EarthLink and America Online, Tuesday issued recommendations for curbing spam focused on best practices and authentication.

Following the lead of the Federal Trade Commission, which last week recommended authentication as a key technique for fighting spam, the Anti-Spam Technical Alliance (ASTA) recommended the approach Tuesday. Such procedures help identify the sender of email, a critical element to fighting spam, according to the ASTA and other industry players.

"At Microsoft, about 50 percent of the spam we get has a spoofed domain. Having authentication in place will help stop spam," said Ryan Hamlin, general manager of Microsoft's anti-spam technology and strategy group, discussing the recommendations in an ASTA conference call Tuesday.

Ken Hickman, Yahoo's senior director, mail platforms, added that, "The authentication issue is also critical to protecting users from spoofing and phishing."

Spoofing, and the related practice of phishing, are growing problems, both for consumers who are victims, and for brands misrepresented. Phishing scams are estimated to have caused between $13.5 billion and $16.4 billion in damage worldwide in 2003, according to security firm mi2g. Zombie hosting -- in which spammers commandeer users' computers without their knowledge and use them to send bulk mail -- is another major problem, the ISPs said in the conference call.

The Big Four ISPs are distributing the guidelines via their Web sites. The guidelines give specific suggestions to ISPs, legitimate bulk emailers and consumers for fighting spam. ISPs are advised to block or limit access to a specific port (Port 25), implement rate limits on outbound email traffic and control automated account registration, among other things. Consumers are advised to install firewalls on their PCs and to use anti-virus software and spam filtering technologies.

Recommendations to legitimate bulk emailers suggest that mailers not harvest email addresses through SMTP or other means, that they should register their email domains with a creditable safelist provider and provide clear unsubscribe and opt-out instructions, among other things.

The group said bulk emailers are part of "the email community" and that it does not recommend limits on the amount of legitimate email sent.

"Bulk emailers who are sending mail our members want are a big part of the email community. A big part of our discussion was how to satisfy that group," said Stephen Currie, director of product management for EarthLink. Currie said feedback from legitimate emailers would be an important part of the feedback the group seeks "when we go to the next steps with this."

Carl Hutzler, director of anti-spam operations for AOL, said, "Bulk emailers account for 150 million emails a day into the AOL system. The good ones, the ones on our whitelist, generate very few complaints."

ASTA's recommendations focused on two forms of authentication, an IP address-based approach, of which sender policy framework (SPF), currently being tested by AOL and Microsoft, is an example. Microsoft is in the process of merging SPF with its Caller ID for E-Mail to create a new protocol called Sender ID.

The other form is content signing. Yahoo's DomainKeys authentication proposal is an example of this approach.

AOL plans to have Sender Policy Framework (SPF) email authentication in place by the end of summer and has been testing the protocol, according to Hutzler. "We are also looking at content signing, hoping to at least sign our mail by fall or the end of the year."

Hamlin said Microsoft expects to go public with testing results by the end of "this calendar year." He would not give a hard date as to when the procedure might be implemented.

Authentication is a critical first step in spam-fighting, with reputation a key element to follow, according to Currie of EarthLink.

Noting that "reputable marketers have been clamoring for a way to exclude spam from the inbox," Al DiGuido, CEO of Bigfoot Interactive, applauded the ASTA "and the work they've done in setting the guidelines to bring the ISPs together to set the standards from an authentication standpoint." Describing authentication as a "great leap forward," DiGuido opined that "some form of digital postage stamp" is key in spam-fighting as well.

ClickZ Live Toronto Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!

ABOUT THE AUTHOR

Janis Mara

COMMENTSCommenting policy

comments powered by Disqus

ClickZ Today is our #1 newsletter.
Get a daily dose of digital marketing.

COMMENTS

UPCOMING EVENTS

Featured White Papers

ion Interactive Marketing Apps for Landing Pages White Paper

Marketing Apps for Landing Pages White Paper
Marketing apps can elevate a formulaic landing page into a highly interactive user experience. Learn how to turn your static content into exciting marketing apps.

eMarketer: Redefining Mobile-Only Users: Millions Selectively Avoid the Desktop

Redefining 'Mobile-Only' Users: Millions Selectively Avoid the Desktop
A new breed of selective mobile-only consumers has emerged. What are the demos of these users and how and where can marketers reach them?

Jobs

    • Sr. Paid Search Manager
      Sr. Paid Search Manager (Bisk Education) - TampaCurrently seeking a Sr. Paid Search Manager in Tampa, FL for Bisk Education! Bisk Education is a...
    • Contact Center Professional
      Contact Center Professional (TCC: The Contact Center) - Hunt ValleyLooking to join a workforce that prides themselves on being routine and keeping...
    • Recruitment and Team Building Ambassador
      Recruitment and Team Building Ambassador (Agora Inc.) - BaltimoreAgora, www.agora-inc.com, continues to expand! In order to meet the needs of our...