Microsoft on Wednesday said it plans to submit a proposal to make its antispam technology a standard, becoming the latest Internet giant to seek industry approval for the adoption of its technique.
The technology, called "Caller ID for E-mail," is an Internet Protocol-based method to ensure that the sender's return e-mail address is authentic. Many spammers have used a method called "spoofing," which makes their return addresses appear legitimate to the recipient's spam filters. Often, people open unwanted spam, thinking it originated from a contact, which could lead to the further dissemination of viruses and user annoyance.
Microsoft plans to file its proposal to the Internet Engineering Task Force (IETF), an industry standards body, either this week or next. "It's imminent," Microsoft spokesman Sean Sundwall said. The company's expected submission comes soon after Yahoo submitted its own e-mail authentication proposal on Tuesday to the IETF. The technology, called DomainKeys, tries to achieve the same objective as Caller ID, but through a different system. DomainKeys matches digital signatures between the e-mail and the server to gain admittance into a person's in-box.
News source: C|Net News.com
The technology, called "Caller ID for E-mail," is an Internet Protocol-based method to ensure that the sender's return e-mail address is authentic. Many spammers have used a method called "spoofing," which makes their return addresses appear legitimate to the recipient's spam filters. Often, people open unwanted spam, thinking it originated from a contact, which could lead to the further dissemination of viruses and user annoyance.
Microsoft plans to file its proposal to the Internet Engineering Task Force (IETF), an industry standards body, either this week or next. "It's imminent," Microsoft spokesman Sean Sundwall said. The company's expected submission comes soon after Yahoo submitted its own e-mail authentication proposal on Tuesday to the IETF. The technology, called DomainKeys, tries to achieve the same objective as Caller ID, but through a different system. DomainKeys matches digital signatures between the e-mail and the server to gain admittance into a person's in-box.
News source: C|Net News.com
Updates** 42 Windows XP Pre-Service Pack 2 Critical Updates
** 31 Windows XP Pre-Service Pack 2 Recommended Updates
** 07 Internet Explorer Updates
** 03 Outlook Express Updates
** Bootvis Tool (version 1.3.37)
** Euro Conversion Tool
** MSN Messenger 6.2.0133 w/ Option to uninstall Windows Messenger 4.7
** Windows Messenger 5.0.0482 (if you chose not to install MSN Messenger)
** Microsoft Virtual Machine w/ 2 Updates
** Sun Java 1.4.2_04 (for those running SP1a or SP1)
** Microsoft Baseline Security Analyzer 1.2
** Microsoft Data Access Components 2.8 w/ 1 Update
** Microsoft DirectX 9.0b w/ 1 Update & Optional Control Panel Shortcut
** Microsoft Jet 4.0 Service Pack 8
** Microsoft Jet 4.0 Service Pack 8 Replication Update
** Microsoft .NET Framework 1.1 w/ 1 Update
** Microsoft SharePoint Migration Tool
** Microsoft Windows Journal Viewer
** Windows XP PowerToys (including 8 Bonus Powertoys)
** Microsoft XML 3.0 SP4
** Microsoft XML 4.0 SP2
** Windows Media Player 9 w/ Update to Build 3128 & 8 other Updates & Enhancements
** Windows Movie Maker 2.0
** Windows Rights Management Client 1.0
** 3D Windows XP ScreenSaver
** Adaptec ASPI Layer for Windows XP
** Bliss Screensaver
** Microsoft American Flag ScreenSaver
** Device Manager Shortcut to All Programs Menu
** Desktop Icon Restore Tool
** Windows Media Player Classic version 6.4.8.2
** Microsoft Virtual CD Tool
** Google Toolbar
** Ink Redist
** PortReporter Tool
** Euro Fonts Update
** Hive Cleanup tool
** Ability to remove ASP.Net Uset Account
** Ability to remove all Windows XP ScreenSavers
** Ability to remove all Win9x based Wallpapers
** Ability to remove all Windows XP Wallpapers
** IE Spy-Ad
** Optional Internet Explorer Spellcheck tool
** System Uptime Tool
** Macromedia Flash Player
** Macromedia Shockwave Player
** MSN Plus 2.5.4
** Neowin Screensaver (XP logon Hack)
** Microsoft NZ Bliss Wallpaper
** Option to replace update 8-Bit Shutdown and Logoff Icons on Windows Classic Theme
** Startup Monitor
** Startup CPL
** UxTheme.dll Patcher (so you can use custom themes)
** 60 Registry Tweaks
** And Much More!!
i just want the crap out of my email
Several (many?) ISPs, as a measure to reduce spam sent through their networks, do not allow users to connect to outside SMTP servers, period. So if I have abc123.com & wish to send mail from that domain, I actually have to send it through my ISP account & "spoof" the return addy as coming from abc123.com... which in effect, would most like trigger each of these proposed systems to flag the email as unauthentic.
The reality is that noone should be able to send mail except as the domain they are using (verizon services only can use verizon.com email, etc)
It's forcing services to become more strict about usage, which frankly is a good thing, imho.
Which is precisely what these goofy ISPs are preventing. I would much rather send MYDomain.com's mail through MyDomain.com's own SMTP server... but nooo, it is actaully having to be sent from ISP.com and be spoofed as MyDomain.com mail.
By blocking port 25, all these ISPs have done is restrict legitimate use. Spammers insistant on sending spam will simply have their SMTP servers listen to port 26 as well to send their spam. Such a move could be done by the avg Joe as well if he had the authority to tweak SMTP (which most do not, as they are on virtual hosting), and even if they could... sending mail to an SMTP server on any other port other than 25 is a TOS violation in many cases.
Remember, the bad-buys arent using the ISP's SMTP server, they are connecting to other SMTP servers. Yes, it is their bandwidth/connection you are using, and while they do indeed have the right to do such a thing, they in effect hurt more of their legit customers than they hurt spammers in the over-policing of what one does.
I agree that the proposed 'caller-id-like' system is a good move, but with the way some of these ISPs have handled past situations, it will cause a ****load more headaches if the 'caller-id' methods are put to wide-spread use. Not becuase of the 'caller-id' but because of the bonehead ISPs.
There are soo many ways the ISP could have handled the problem of spam being sent by those connecting to outside SMTP servers...
But how'd they do it? The most assinine way possible, an all out incoming/outgoing block on port 25.
While I believe they could easily work around any future such problems with "caller-id" & the likes, I have a hard time believing they would actually do so in the correct manner. Any competent sys admin knows that just putting a block on port 25 did virtually nothing to the spammers, so why should we believe they'll get it right next time?
Last edited by 10547 on 20 May 2004 - 05:33
Beware low flying pigs.
spam has gone on too long, it can't be stopped but can be majorly reduced
microsoft, and yahoo could do it, but do they have any way of profitting from all spam being fixed, or do they just want their own spam filters to work
I think they just want their own to work, correct me if I'm wrong
dont jump the gun there
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.