E-mail authentication

Discussion in 'General Mac Discussion' started by Doctor Q, Aug 17, 2005.

  1. Doctor Q Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Los Angeles
    #1
    I read a good article on the pros and cons of the main two methods for e-mail authentication, both attempting to provide a "caller ID" type service for e-mail so that ISPs or recipients can filter out spam.

    "Domain keys" (supported by Yahoo) uses a verification process, encryption, and a reputation score. The simpler "Sender ID" method (supported by Microsoft) uses a list of approved sender IP addresses.

    Neither is a complete and perfect solution since:

    1. These methods, like Caller ID on your phone, rely on an understanding by users of what the information (e.g., sender reputation scores) means, so education is needed.

    2. Spammers can go through the approval process (until they are later caught and weeded out).

    3. Zombie PCs (PCs of legitimate businesses or users) taken over by hackers can send spam, which would therefore come from a previously legitimate source.

    4. The whole process of migrating to authentication-based e-mail suffers from a chicken-and-egg problem. Companies and end users have little incentive to adopt the technology until it has caught on with others. If Windows and Mac OS X, along with the most popular other software, had it built in, this would help.

    All in all, both methods could help reduce spam and e-mail-based scams, and any improvement should be welcome.
     
  2. Doctor Q thread starter Administrator

    Doctor Q

    Staff Member

    Joined:
    Sep 19, 2002
    Location:
    Los Angeles
    #2
    If they need a potentially foolproof (yes, foolproof) method of encryption, here's the underpinnings of a method we might get to use in 5 or 10 years: quantum cryptography.

    These researchers found that they could measure the position of a photon within a pixel array to learn information about (or, the way some people explain the theory, cause a particular position of) another photon that is quantum linked (entangled) to it and therefore mirrors its position within an identical pixel array.

    Because the information content depends on the number of pixels in the pixel array, this method stores more information than previous quantum cryptography methods that rely on binary properties such as polarization.
     
  3. rdowns Suspended

    rdowns

    Joined:
    Jul 11, 2003
    #3
    I use an Email Service Provider to deliver emails at work. Helps with issues of list cleanliness, deliverability and bogus spam reports.

    At a recent conference, they spoke of an initiative that would allow a server to only send 20,000 emails a day used with another of the ideas out there like Sender ID. Theory is that spammers would not invest in the hardware necessary to deliver the huge amounts of email they need to make it worthwhile.
     
  4. dubbz macrumors 68020

    dubbz

    Joined:
    Sep 3, 2003
    Location:
    Alta, Norway
    #4
    Another issue with Sender ID is that Microsoft holds some patents revelant to the technology, with terms not compatible with the GPL, making it unpopular with some free software groups (which is problematic consider how much of the net is powered by free software).

    Yahoo! have some patents related to Domain Keys but they are licensed under (free software) friendly terms.
     

Share This Page