Spammers Are Also Adopting SPF Standard

Sep 04, 2004

Research Shows Spammers Adapting to Authentication Protocol, But Widespread Enterprise Deployment Will Help Prevent Phishing and Spoofing. CipherTrust, Inc., the leader in messaging security, today released the findings of its latest analysis of real-world e-mail messages sent between May and August collected from companies worldwide which use IronMail, CipherTrust’s award-winning messaging security appliance. The analysis is focused specifically on the deployment rate and effectiveness of the Sender Policy Framework (SPF) e-mail authentication protocol. Most noteworthy is definitive evidence that SPF is not effective in identifying spam; however, e-mail authentication protocols like SPF do in fact prevent spoofing and phishing attacks.

In fact, according to CipherTrust’s research, 34 percent more spam is passing SPF checks than legitimate e-mail because spammers are actively registering their SPF records. In short, as long as spammers comply with the protocol by not spoofing the sender address, their messages will not be stopped by SPF. E-mail authentication does not determine whether a message is “good” or “bad,” but simply verifies that the sender is who it claims to be. CipherTrust’s research finds that a spam message is three times more likely to pass an SPF check than it is to fail it. Therefore, organizations cannot rely on such techniques alone to fight the spam epidemic, but should include e-mail authentication as part of their fraud and spam prevention arsenal.

CipherTrust’s recent study also reveals the number of Fortune 1000 companies deploying available e-mail authentication protocols has increased by nearly 200 percent since May. CipherTrust recommends that companies and their e-mail security providers take necessary steps to actively participate in the deployment of e-mail authentication protocols such as the Sender ID Framework, which resulted from the merger of SPF and Caller ID, an e-mail authentication protocol proposed by Microsoft. Further details about CipherTrust’s recent study can be found at www.ciphertrust.com/spf_stats .

Paul Judge, chief technology officer at CipherTrust, explained: “There is some bad news and good news about e-mail authentication protocols. First the bad news: these protocols alone are not effective in identifying spam because spammers are doing what they always have – adapting in order to circumvent measures aimed at stopping spam. The good news is the largest organizations in the world are recognizing the importance of e-mail authentication because it is very effective at stopping spoofing and phishing attacks. The rollout of the latest protocol, Sender ID, is led by strong industry collaboration, and will result in widespread deployment and success in the fight against spoofing and phishing.”

As the leading messaging security provider with 30 percent of the Fortune 100 among its customer base, CipherTrust has been extremely active in its support of e-mail authentication protocols over the last 18 months. In fact, CipherTrust’s Dr. Judge served as founder and chartering chairman of the Internet Research Task Force’s Anti-Spam Research Group (ASRG) in March 2003, out of which the original proposals leading to SPF were borne. Less than one year later in February 2004, CipherTrust became the first e-mail security vendor to incorporate SPF into its product, and pledged on May 26 to support the Sender ID Framework. In order to protect its customers from spoofing and phishing attacks, CipherTrust’s IronMail currently incorporates SPF as one of more than a thousand characteristics to identify unwanted messages, and will do the same once Microsoft’s Sender ID Framework protocol is available.

CipherTrust regularly monitors and analyzes traffic running through the nearly two thousand IronMail appliances deployed in the field to ensure customers are protected against new and innovative threats. Unlike some other research efforts, which use "spam traps" to lure and analyze e-mail messages, CipherTrust's research team analyzes spam messages targeting leading companies worldwide which are caught by the award-winning IronMail messaging security solution.

Explore further: Why the Sony hack isn't big news in Japan

add to favorites email to friend print save as pdf

Related Stories

Why the Sony hack isn't big news in Japan

14 hours ago

Japan's biggest newspaper, Yomiuri Shimbun, featured a story about Sony Corp. on its website Friday. It wasn't about hacking. It was about the company's struggling tablet business.

Hopes, fears, doubts surround Cuba's oil future

16 hours ago

One of the most prolific oil and gas basins on the planet sits just off Cuba's northwest coast, and the thaw in relations with the United States is giving rise to hopes that Cuba can now get in on the action.

Ancient clay seals may shed light on biblical era

16 hours ago

Impressions from ancient clay seals found at a small site in Israel east of Gaza are signs of government in an area thought to be entirely rural during the 10th century B.C., says Mississippi State University archaeologist ...

Off-world manufacturing is a go with space printer

18 hours ago

On Friday, the BBC reported on a NASA email exchange with a space station which involved astronauts on the International Space Station using their 3-D printer to make a wrench from instructions sent up in ...

Recommended for you

Impoverished North Korea falls back on cyber weapons

Dec 19, 2014

As one of the world's most impoverished powers, North Korea would struggle to match America's military or economic might, but appears to have settled on a relatively cheap method to torment its foe.

Five ways to make your email safer in case of a hack attack

Dec 19, 2014

The Sony hack, the latest in a wave of company security breaches, exposed months of employee emails. Other hacks have given attackers access to sensitive information about a company and its customers, such as credit-card ...

2012 movie massacre hung over 'Interview' decision

Dec 19, 2014

When a group claiming credit for the hacking of Sony Pictures Entertainment threated violence against theaters showing "The Interview" earlier this week, the fate of the movie's big-screen life was all but ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.