How to fix e-mail authentication spec
Sender Policy Framework, a specification designed to authenticate e-mail senders and therefore cut down on spam, has one significant flaw -- which a technologist presenting at the MIT Spam Conference 2007 here last Friday aims to fix.
SPF attempts to eliminate spoofing -- or forging the “from” component of an e-mail -- by having senders specify which mail servers they use to send messages from their domain. The server receiving the mail then can check that the server the message came from matches published DNS information, according to the SPF Project.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.