As Mr. Jacobs pointed out, many issues are often caused by technology that was developed five or more years ago, sufficient for use in the early days of spam but no longer meeting the needs of today’s companies. As the world has seen over the past year, spammers have found their way around almost every anti-spam system the industry has been able to implement. In the cases where spammers can’t go through technology, they merely go around it through phishing; well-planned bouts of social engineering, for which, quite unfortunately, there is no cure.
In response to whether Cloudmark believes in the importance of email authentication, Mr. Jacob says, "We actually think authentication in the email system is a good thing, however we are not as willing as others to believe that it’s going to be adopted overnight. The other issue here is at what level the authentication happens. The easier way to do it is authentication around domain names or IP addresses but of course the issue that you run into is that email is a very personal thing. I’m not really interested in trusting the whole of CitiGroup to send me all the right messages that they’re supposed to send me. As a consumer, I want to be able to select what I authenticate. I want to choose what I should get and what I shouldn’t get. Until those systems address those issues, they will only be of use at the very high levels between ISP’s where they can authenticate everyone at Comcast or Yahoo or wherever." For Cloudmark, authentication is just the beginning. They are true believers that in order to have a successful system one has to be able to have authentication as well as reputation. Knowing who a sender is, is one thing, but knowing their reputation should be the deciding factor on whether or not they are allowed through the door. They take a merciful stance when it comes to forgiving spammers for past misdeeds and support their desire to become legitimate.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.