More and more, government and industry are seeing email authentification technologies as a solution to the problems of spam and phishing.

Advances in email-filtering technologies and enforcement efforts have made spamming a more difficult, less lucrative, business. In response, however, spammers and a growing breed of cyber-scammers known as phishers or spoofers have become more creative -- and malicious -- in their attempts to steal personal information and financial assets from Internet users. These criminals exploit the lack of verifiable identity in email to trick filters and email recipients into thinking the message is coming from a legitimate, trusted source. Phishing is a critical issue as it compromises trust among all Internet users.

To address the growing problems of spam and phishing, industry and regulatory agencies have called for the adoption of email authentication technologies. These technologies verify that the email sender is who it claims to be. By providing a mechanism to confirm senders’ identities, email authentification technologies will enable both spam filters and enforcement efforts to be more effective.

Successful deployment of email authentication is achieved in phases, incorporating multiple approaches and technologies. Today there are two primary methodologies: IP-based solutions such as Sender ID Framework and signature-based approaches such as Yahoo's DomainKeys and Cisco’s Identified Internet Mail. Both have a place in deploying authentication for email.

The federal government, especially the Federal Trade Commission (FTC), has also taken a strong leadership role on anti-spam enforcement. It recognizes the serious implications of spam to consumers and is looking at email authentication as a promising technological development that will allow domain holders to more effectively filter spam. To address these concerns, the FTC held an Email Authentication Summit November 9-10, 2004. Before the summit, TRUSTe submitted comments to the FTC. They can be viewed at http://www.truste.org/about/legal_and_regulatory.php. At the same time, an additional 35 organizations submitted a letter lauding the FTC for its recognition of email authentication and calling for the rapid adoption of the Sender ID framework.

By working together, government and industry are collaborating to lead the adoption of email authentication to help protect users and restore online confidence. While authentication alone will not stop spam or phishing, it does provide a critical technological foundation for reputation and accreditation services. For more information on how TRUSTe’s email services can help restore trust among your users, click here..

 

MAXAMINE