Home
Loading Carousel Data, Please wait ..


More News
Get news delivered to you
BYTE Technologists

BYTE Categories
BYTE Newsletter
Keep up with all the BYTE News and Reviews

Subscribe
News

New Industry Alliance Targets Phishing And Spam

| Larry Seltzer, BYTE | January 31, 2012 01:23 PM


A new industry consortium is attempting to advance the slow-moving state of the art in email security. Domain-based Message Authentication, Reporting & Conformance--DMARC--is a specification that builds on the two legacy techniques for email authentication: Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

The DMARC spec creates a set of wrapper specifications and procedures around SPF and DKIM, both of which have been around for many years. The goal is both to make them easier to work with on the recipient side, and to press large email senders to sign 100% of their outbound email.

Both SPF and DKIM use the DNS records of the sending party to store information that the receiver can use to verify that the sender is actually sending from that domain. So where a phishing email appears to be "From: support@paypal.com", DKIM and SPF would detect that it wasn't actually sent from the servers in those domains.

DMARC calls on email senders to sign 100% of their outbound email and to include email headers that more clearly indicate the domain of the signer. Recipients also can more easily report domain spoofs to the legitimate senders.

I asked John Levine, an author and consultant on Internet security and one of the authors of the DKIM-related Author Domain Signing Practices (ADSP) standard about DMARC. He says it's a good thing as far as it goes, but "...it does have some of the chronic Internet tendency to put a steel door on a cardboard box." Like many security standards that are not mandatory, if it's not implemented then it won't fail. Neither DKIM nor SPF are at the point where a recipient can say that they will only accept messages that use them. Therefore you still need to keep your eyes open.

Consider the example of Bank of America, a member of DMARC and a prime phishing target. BofA has bought up a large number of Internet domains suggestive of its bank name or typos of the name (such as 1800thebofa.com, bancofamerica.com, wwwbankamerica.com). However, the total number of potential domains is very, very large. For instance, BofA does not own wwwbankfoamerica.com. So if a phishing email comes to you from support@wwwbankfoamerica.com, it won't fail an SPF or DKIM check because it won't use those features.

Or maybe SPF, DKIM, or both will kick in--but the email still won't be suspect because the phisher controls the DNS server and puts proper information in it.

So email security has advanced a little bit and it's easier for organizations to follow best practices, but the real problem is that these practices are still just recommendations. Until recipients can require inbound mail to be signed and do a reasonable reputation check on the sending domain, protection through DMARC will be far less effective than it might.

Larry Seltzer is the Editorial Director of Byte.



Related Reading

News

Most Popular

Commentary

On the Web



Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

BYTE encourages readers to engage in spirited, healthy debate, including taking us to task. However, BYTE moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. BYTE further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
COMMENTS
Tune In to BYTE
Facebook Twitter LinkedIn Newsletter RSS
Related Webcasts
Whitepapers
whitepaper
CIO Strategies for Consumerization: The Future of Enterprise Mobile Computing
In this paper you will learn the five trends shaping the future of enterprise mobility. Learn how the rise of social media as a business application, the lurring between work and home, the emergence of new mobile devices, the demand for tech savvy employees and changing expectations of corporate IT will fundamentally change the workplace.
whitepaper
Media Tablets in the Enterprise
In a survey of more than 1,700 information workers (iWorkers) in North America, notebooks, desktops, and smartphones were found to be “must-have” devices, while tablets, slates, and netbooks were relegated to “nice-to-have” status, according to a commissioned study conducted by Forrester Consulting on behalf of Dell and Intel.
Sponsored by: Dell
Upcoming Events
View More >>


Oct 20: Becoming a Security Detective - Gathering and Analyzing Security Intelligence in the Enterprise

In this all-day virtual event, experts will offer detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Register today!

Platinum Sponsors: ArcSight, NetIQ, Proofpoint, Thawte
Gold Sponsor: Q1 Labs



October 6: InformationWeek 500 Virtual Event: The Need for Speed

At the 2011 InformationWeek 500 Virtual Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth.

Platinum Sponsor: ArcSight, Workday
Gold Sponsor: IBM


Aug 25: InformationWeek & Dark Reading present: How Security Breaches Happen and What Your Organization Can Do About Them

Attendees will get insights on how to prevent breaches from happening, how to research and identify the source of a breach, and how to remediate a compromise as quickly and efficiently as possible.

Platinum Sponsor: ArcSight, NetIQ, Thawte
Gold Sponsors: Lumension, NetGear, GFI
Silver Sponsor: Motorola


July 28: InformationWeek & Symantec present: Infrastructure at Risk -- Taking Decisive Action to Secure Your Critical Data Assets

Join the editors of InformationWeek and leading security experts from Symantec for an in-depth look at the current threats faced by large and small organizations, and the implications for your business, your customers, and even your country. You'll hear how today's threat landscape is changing drastically, and learn the latest countermeasures and best practices to keep your company's precious data assets out of the hands of determined cybercriminals.


July 27: Electronic Health Records -- Moving from Concept to Reality

At this InformationWeek Healthcare Virtual Event, we will talk with healthcare practitioners, IT professionals and other industry experts about issues surrounding EHR selection, deployment and use.

Platinum Sponsor: HP, Intel, GBS, Geotrust, NextGen
Silver Sponsor: Proofpoint


On-Demand: InformationWeek & Interop present: Business Mobility Unleashed

 In this virtual event, the leaders behind InformationWeek Business Technology Network and Interop zero in on the top mobile technologies and techniques you'll need to understand and master to ensure your organization thrives in the wireless world.
Platinum Sponsors: Alcatel-Lucent, APC
Gold Sponsor: HP
Silver Sponsor: Emerson Network Power
Bronze Sponsor: Skybot


On-Demand: Cybersecurity Best Practices

 In this half-day virtual event, experts assess the state of cybersecurity in government and present the latest strategies for creating a more secure, attack-proof IT infrastructure. This event will help CISOs and other information assurance professionals in federal, state, and local government stay on top of the latest developments in the field.
Platinum Sponsor: GeoTrust
Gold Sponsor: Bit9


On-Demand: Data Center Transformation

Data centers are undergoing incredible transformations that create both opportunities and challenges for IT professionals. Server virtualization enables rapid provisioning, more efficient use of resources, and improved disaster recovery. That trend will continue with storage and network virtualization, allowing IT pros to further abstract -- and optimize -- data center resources.In this virtual event, you will learn how prepare your organization for a data center transformation.
Platinum Sponsors: AMD, APC, Cisco, Eaton, SunGard
Gold Sponsor: Emerson Network Power


On-Demand: Cloud Computing Roadmap: Controlling the Cloud - Managing, Optimizing and Integrating Cloud Services with Your Existing IT Infrastructure

In this virtual event, you'll learn how to craft your own strategy for successfully embracing and integrating new cloud computing capabilities without derailing or destroying your current IT roadmap.
Platinum Sponsors: ArcSight, GoToAssist, SunGard, thawte
Gold Sponsor: Symform
Silver Sponsor: Skybot


On-Demand: Plugging the Leaks -- Finding and Fixing the IT Security Holes in your Enterprise

In this virtual event presented by Dark Reading and InformationWeek, you'll find out how criminals target the flaws in your IT environment, and you'll get some insight on the best methods for finding and fixing your vulnerabilities -- before you're hit by malware or unauthorized access.
Platinum Sponsors: NetIQ, Novell, thawte, Webroot
Gold Sponsors: ArcSight, Bit9, OpenText
Silver Sponsor: Application Security, Core Security, Lumension

 

View More >>



The 2011 Informationweek 500 Conference will be held at the beautiful St. Regis Monarch Beach Resort, Dana Point, CA. Mark your calendars for September 11-13, 2011.



InformationWeek Healthcare IT Leadership Forum




Bank Systems & Technology Executive Summit 2011

View More >>
Related Reports
Related Whitepapers