posted on Friday, February 27, 2004 9:37 AM
by
demiliani
Caller ID for Email?
On the last Bill Gates Outlines Technology Vision to Help Stop Spam, he announced a detailed vision and proposals on how technology can be used to help put an end to spam and in particular he talks about Caller ID for E-Mail. A little resume from MS:
These Microsoft draft specification addresses the widespread problem of domain spoofing. Domain spoofing refers specifically to the use of someone else's domain name when sending a message, and is part of the larger spoofing problem, the practice of forging the sender's address on e-mail messages.
Caller ID for e-mail would verify that each e-mail message originates from the Internet domain it claims to come from. Eliminating domain spoofing will help legitimate senders protect their domain names and reputations, and help recipients more effectively identify and filter junk e-mail.
The proposal involves three steps to authenticate a sender:
- E-mail senders, large or small, publish the Internet protocol (IP) addresses of their outbound e-mail servers in the Domain Name System (DNS) in a format described in the Caller ID for E-Mail specification.
- Recipient e-mail systems examine each message to determine the purported responsible domain (i.e., the Internet domain that purports to have sent the message).
- Recipient e-mail systems query the DNS for the list of outbound e-mail server IP addresses of the purported responsible domain. They then check whether the IP address from which the message was received is on that list. If no match is found, the message has most likely been spoofed.
What do you think? Will be the key to stop spam?