[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 1 October, 2004, 12:11 GMT 13:11 UK
Net giants adopt anti-spam system
Screengrab of spam in e-mail inbox, BBC
Spam is a problem for everyone
The fight against spam is getting more serious as the net's big players impose conditions on bulk mail senders.

From October, AOL, Yahoo, Hotmail, Earthlink and Comcast want those that send lots of messages to their users to comply with new mail standards.

These technical specifications will help reveal whether a message came from the net address it claims to.

This will help identify hi-tech con artists posing as banks and net domains known to pump out junk mail messages.

Breaking the chain

The five big firms want every organisation that sends out lots of e-mail, including spammers, to comply with technical standards known as the Sender Policy Framework (SPF) and Sender-ID.

Despite the different names, these both do the same job of authenticating where an e-mail message came from.

The reality is that well north of 90% of spam that's sent never comes from the same address twice
Dave Anderson, SendMail
Spoofing the origins of a message has become very popular with phishing gangs that send out e-mail messages that look like they came from a bank or other financial firm.

Typically these ask users to re-enter login or account details along with passwords. Those that fall victim to these scams can see their accounts cleaned out.

Messages sent to users of the five organisations that cannot be authenticated will be assumed to be spam or a phishing attempt and will be rejected.

This system will help organisations that use e-mail for legitimate marketing to get their messages through.

"It makes a huge difference on the phishing side," said Dave Anderson, chief executive of e-mail system maker SendMail. "For spammers this breaks the mechanism they have been using."

"The reality is that well north of 90% of spam that's sent never comes from the same address twice," he said. "We really have to change the way we think about this."

Slowing spam

Sender-ID was originally a Microsoft proposal known as Caller-ID for E-Mail and, until recently, was being merged with SPF into a single specification.

Image of online bank login screen, BBC
Phishing attempts are growing in sophistication
However, a dispute over the conditions Microsoft imposed on use of the Caller-ID technology led to the Sender-ID standard being dropped by the working group that pushes forward net technical standards.

But, said Mr Anderson, the six months of work done on Sender-ID has not been wasted.

"The SPF and Sender-ID people are still working together and are going to be using a common record format so you don't have to put up two sets of data," he said.

"By the end of this year we expect that half of the e-mail sent in the US will have SPF records or some other form of authentication on it," said Mr Anderson.

"But the more effective we are at filtering out spam, the more they will send."

He said greater use of authentication systems and lists of reputable e-mail senders should make a big difference.

"The amount of spam seen by users will plummet, if not go to zero," he said.



SEE ALSO:
Spammers exploit anti-spam trap
07 Sep 04  |  Technology
Home PCs hijacked to spread spam
03 Aug 04  |  Technology
Spammers go east with junk offers
22 Sep 04  |  Technology
Microsoft's spam plan rejected
14 Sep 04  |  Technology
Home PCs hijacked to spread spam
08 Oct 04  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific