Slashdot Mirror


AOL Tests Sender Permitted From / E-mail Caller ID

securitas writes "ZDNet reports that AOL is testing Sender Permitted From (SPF), 'an antispam filter intended to accurately trace the origin of e-mail messages.' AOL is performing the widescale SPF test with its 33 million subscribers worldwide. The system works by letting recipients use the SPF record to cross-check DNS data associated with AOL's IP addresses and confirm that the message originated from AOL's servers. The system is one of three competing e-mail authentication protocols. The other IP-identifying protocols are the Designated Mailers Protocol (DMP) and Reverse Mail Exchange (RME/RMX). All systems alter the DNS database to let e-mail servers publish the IP addresses that they use to send e-mail."

4 of 448 comments (clear)

  1. So far, so good by TheOtherChimeraTwin · · Score: 5, Interesting

    I've had trouble with spammers doing small runs with my domain name on AOL. Since I've set up SPF, I haven't had a single bounce from AOL-bound spam. It might just be luck, but as far as I can tell, SPF is helping.

  2. What about commercial or throwaway accounts? by Anonymovs+Coward · · Score: 5, Interesting
    Lots of e-businesses generate unique email addresses for different consumer requests, which can then be thrown away, and individuals and mailing list managers (like ezmlm for subscription confirmations) do this too. It works because often the part of the email address after a + sign (or for qmail, a -) is ignored by the mail delivery agent, but can still be used for filtering/sorting mail by the user. Seems to me any DNS-based email address registry has to be smart enough to deal with it.

    I suspect that as the big commercial guys get more and more aggressive in breaking email standards in the name of combating spam, the internet will split into different incompatible email groups: the old-fashioned types (which include many university departments still) who use a text console and a program like pine or elm, and the AOL/Hotmail/Yahoo crowd. To some extent it's already happening: I can barely read some messages sent from MS Outlook, they're formatted so badly, and as a result I'm less likely to reply to them.

  3. Re:AOL muscle by PygmySurfer · · Score: 5, Interesting

    Using muscle to force the Internet into a standard isn't going to work. We need something that *is* a standard, rather than *pushing* a standard upon people.

    Standards don't miraculously appear out of mid-air. Standards are created when one implementation of an idea is chosen over other implementations. Unfortunately, as at least one of your examples shows, we see that its not a

    Right now, AOL and several other groups are developing an implementation of a Spam-tracking system. Eventually, one of these systems may win out. If/when it does, a standard is born.

  4. As usual, D. J. Bernstein has the ACTUAL solution by Anonymous Coward · · Score: 5, Interesting

    The idea behind Internet Mail 2000 is obviously correct. Why waste time on DNS-based approaches when we COULD be developing the Solution?