Anti-Spam Alliance Makes Authentication Push

  |  June 22, 2004   |  Comments

An anti-spam alliance including the Big Four ISPs Tuesday issues spam-fighting recommendations focusing on best practices and authentication.

An anti-spam alliance including Yahoo, Microsoft, EarthLink and America Online, Tuesday issued recommendations for curbing spam focused on best practices and authentication.

Following the lead of the Federal Trade Commission, which last week recommended authentication as a key technique for fighting spam, the Anti-Spam Technical Alliance (ASTA) recommended the approach Tuesday. Such procedures help identify the sender of email, a critical element to fighting spam, according to the ASTA and other industry players.

"At Microsoft, about 50 percent of the spam we get has a spoofed domain. Having authentication in place will help stop spam," said Ryan Hamlin, general manager of Microsoft's anti-spam technology and strategy group, discussing the recommendations in an ASTA conference call Tuesday.

Ken Hickman, Yahoo's senior director, mail platforms, added that, "The authentication issue is also critical to protecting users from spoofing and phishing."

Spoofing, and the related practice of phishing, are growing problems, both for consumers who are victims, and for brands misrepresented. Phishing scams are estimated to have caused between $13.5 billion and $16.4 billion in damage worldwide in 2003, according to security firm mi2g. Zombie hosting -- in which spammers commandeer users' computers without their knowledge and use them to send bulk mail -- is another major problem, the ISPs said in the conference call.

The Big Four ISPs are distributing the guidelines via their Web sites. The guidelines give specific suggestions to ISPs, legitimate bulk emailers and consumers for fighting spam. ISPs are advised to block or limit access to a specific port (Port 25), implement rate limits on outbound email traffic and control automated account registration, among other things. Consumers are advised to install firewalls on their PCs and to use anti-virus software and spam filtering technologies.

Recommendations to legitimate bulk emailers suggest that mailers not harvest email addresses through SMTP or other means, that they should register their email domains with a creditable safelist provider and provide clear unsubscribe and opt-out instructions, among other things.

The group said bulk emailers are part of "the email community" and that it does not recommend limits on the amount of legitimate email sent.

"Bulk emailers who are sending mail our members want are a big part of the email community. A big part of our discussion was how to satisfy that group," said Stephen Currie, director of product management for EarthLink. Currie said feedback from legitimate emailers would be an important part of the feedback the group seeks "when we go to the next steps with this."

Carl Hutzler, director of anti-spam operations for AOL, said, "Bulk emailers account for 150 million emails a day into the AOL system. The good ones, the ones on our whitelist, generate very few complaints."

ASTA's recommendations focused on two forms of authentication, an IP address-based approach, of which sender policy framework (SPF), currently being tested by AOL and Microsoft, is an example. Microsoft is in the process of merging SPF with its Caller ID for E-Mail to create a new protocol called Sender ID.

The other form is content signing. Yahoo's DomainKeys authentication proposal is an example of this approach.

AOL plans to have Sender Policy Framework (SPF) email authentication in place by the end of summer and has been testing the protocol, according to Hutzler. "We are also looking at content signing, hoping to at least sign our mail by fall or the end of the year."

Hamlin said Microsoft expects to go public with testing results by the end of "this calendar year." He would not give a hard date as to when the procedure might be implemented.

Authentication is a critical first step in spam-fighting, with reputation a key element to follow, according to Currie of EarthLink.

Noting that "reputable marketers have been clamoring for a way to exclude spam from the inbox," Al DiGuido, CEO of Bigfoot Interactive, applauded the ASTA "and the work they've done in setting the guidelines to bring the ISPs together to set the standards from an authentication standpoint." Describing authentication as a "great leap forward," DiGuido opined that "some form of digital postage stamp" is key in spam-fighting as well.

ClickZ Live Chicago Join the Industry's Leading eCommerce & Direct Marketing Experts in Chicago
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 4 days and 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda and register by Friday, Oct 3 to take advantage of Early Bird Rates!

ABOUT THE AUTHOR

Janis Mara

COMMENTSCommenting policy

comments powered by Disqus

ClickZ Today is our #1 newsletter.
Get a daily dose of digital marketing.

COMMENTS

UPCOMING EVENTS

Featured White Papers

IBM: Social Analytics - The Science Behind Social Media Marketing

IBM Social Analytics: The Science Behind Social Media Marketing
80% of internet users say they prefer to connect with brands via Facebook. 65% of social media users say they use it to learn more about brands, products and services. Learn about how to find more about customers' attitudes, preferences and buying habits from what they say on social media channels.

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising
If you're considering implementing a marketing attribution model to measure and optimize your programs, this paper is a great introduction. It also includes real-life tips from marketers who have successfully implemented attribution in their organizations.

Jobs

    • Tier 1 Support Specialist
      Tier 1 Support Specialist (Agora Inc.) - BaltimoreThis position requires a highly motivated and multifaceted individual to contribute to and be...
    • Recent Grads: Customer Service Representative
      Recent Grads: Customer Service Representative (Agora Financial) - BaltimoreAgora Financial, one of the nation's largest independent publishers...
    • Managing Editor
      Managing Editor (Common Sense Publishing) - BaltimoreWE’RE HIRING: WE NEED AN AMAZING EDITOR TO POLISH WORLD-CLASS CONTENT   The Palm...