Spammers Are Also Adopting SPF Standard

Sep 04, 2004

Research Shows Spammers Adapting to Authentication Protocol, But Widespread Enterprise Deployment Will Help Prevent Phishing and Spoofing. CipherTrust, Inc., the leader in messaging security, today released the findings of its latest analysis of real-world e-mail messages sent between May and August collected from companies worldwide which use IronMail, CipherTrust’s award-winning messaging security appliance. The analysis is focused specifically on the deployment rate and effectiveness of the Sender Policy Framework (SPF) e-mail authentication protocol. Most noteworthy is definitive evidence that SPF is not effective in identifying spam; however, e-mail authentication protocols like SPF do in fact prevent spoofing and phishing attacks.

In fact, according to CipherTrust’s research, 34 percent more spam is passing SPF checks than legitimate e-mail because spammers are actively registering their SPF records. In short, as long as spammers comply with the protocol by not spoofing the sender address, their messages will not be stopped by SPF. E-mail authentication does not determine whether a message is “good” or “bad,” but simply verifies that the sender is who it claims to be. CipherTrust’s research finds that a spam message is three times more likely to pass an SPF check than it is to fail it. Therefore, organizations cannot rely on such techniques alone to fight the spam epidemic, but should include e-mail authentication as part of their fraud and spam prevention arsenal.

CipherTrust’s recent study also reveals the number of Fortune 1000 companies deploying available e-mail authentication protocols has increased by nearly 200 percent since May. CipherTrust recommends that companies and their e-mail security providers take necessary steps to actively participate in the deployment of e-mail authentication protocols such as the Sender ID Framework, which resulted from the merger of SPF and Caller ID, an e-mail authentication protocol proposed by Microsoft. Further details about CipherTrust’s recent study can be found at www.ciphertrust.com/spf_stats .

Paul Judge, chief technology officer at CipherTrust, explained: “There is some bad news and good news about e-mail authentication protocols. First the bad news: these protocols alone are not effective in identifying spam because spammers are doing what they always have – adapting in order to circumvent measures aimed at stopping spam. The good news is the largest organizations in the world are recognizing the importance of e-mail authentication because it is very effective at stopping spoofing and phishing attacks. The rollout of the latest protocol, Sender ID, is led by strong industry collaboration, and will result in widespread deployment and success in the fight against spoofing and phishing.”

As the leading messaging security provider with 30 percent of the Fortune 100 among its customer base, CipherTrust has been extremely active in its support of e-mail authentication protocols over the last 18 months. In fact, CipherTrust’s Dr. Judge served as founder and chartering chairman of the Internet Research Task Force’s Anti-Spam Research Group (ASRG) in March 2003, out of which the original proposals leading to SPF were borne. Less than one year later in February 2004, CipherTrust became the first e-mail security vendor to incorporate SPF into its product, and pledged on May 26 to support the Sender ID Framework. In order to protect its customers from spoofing and phishing attacks, CipherTrust’s IronMail currently incorporates SPF as one of more than a thousand characteristics to identify unwanted messages, and will do the same once Microsoft’s Sender ID Framework protocol is available.

CipherTrust regularly monitors and analyzes traffic running through the nearly two thousand IronMail appliances deployed in the field to ensure customers are protected against new and innovative threats. Unlike some other research efforts, which use "spam traps" to lure and analyze e-mail messages, CipherTrust's research team analyzes spam messages targeting leading companies worldwide which are caught by the award-winning IronMail messaging security solution.

Explore further: Border Protection lends a hand for Super Bowl security

add to favorites email to friend print save as pdf

Related Stories

Obama recommends extended wilderness zone in Alaska

7 hours ago

US President Barack Obama said Sunday he would recommend a large swath of Alaska be designated as wilderness, the highest level of federal protection, in a move likely to anger oil proponents.

NASA craft set to beam home close-ups of Pluto

7 hours ago

Nine years after leaving Earth, the New Horizons spacecraft is at last drawing close to Pluto and on Sunday was expected to start shooting photographs of the dwarf planet.

Navy wants to increase use of sonar-emitting buoys

8 hours ago

The U.S. Navy is seeking permits to expand sonar and other training exercises off the Pacific Coast, a proposal raising concerns from animal advocates who say that more sonar-emitting buoys would harm whales and other creatures ...

Uganda seizes massive ivory and pangolin haul

9 hours ago

Ugandan wildlife officers have seized a huge haul of elephant ivory and pangolin scales, representing the deaths of hundreds of endangered animals, police said Sunday.

Recommended for you

Microsoft profit dips as revenue rises

1 hour ago

Microsoft on Monday reported that its quarterly profit dipped as revenue increased with help from sales of Surface tablets, Xbox One consoles and cloud services.

IBM "flatly denies" report of mass layoffs

7 hours ago

Calling it "ridiculous" and "baseless," IBM on Monday dismissed a report that said the technology giant plans to lay off 1 in 4 of its workers, or 100,000 people.

WikiLeaks accuses Google of handing over emails to US

7 hours ago

Whistleblowing site WikiLeaks on Monday accused Google of handing over the emails and electronic data of its senior staff to the US authorities without providing notification until almost three years later.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.