I read a good article on the pros and cons of the main two methods for e-mail authentication, both attempting to provide a "caller ID" type service for e-mail so that ISPs or recipients can filter out spam. "Domain keys" (supported by Yahoo) uses a verification process, encryption, and a reputation score. The simpler "Sender ID" method (supported by Microsoft) uses a list of approved sender IP addresses. Neither is a complete and perfect solution since: 1. These methods, like Caller ID on your phone, rely on an understanding by users of what the information (e.g., sender reputation scores) means, so education is needed. 2. Spammers can go through the approval process (until they are later caught and weeded out). 3. Zombie PCs (PCs of legitimate businesses or users) taken over by hackers can send spam, which would therefore come from a previously legitimate source. 4. The whole process of migrating to authentication-based e-mail suffers from a chicken-and-egg problem. Companies and end users have little incentive to adopt the technology until it has caught on with others. If Windows and Mac OS X, along with the most popular other software, had it built in, this would help. All in all, both methods could help reduce spam and e-mail-based scams, and any improvement should be welcome.