Bye Bye Spam and Phishing with DKIM?

ppadala writes "While research from PEW Internet (PDF) shows that few users really are bothered by spam, IETF is supporting a public key cryptographic based e-mail authentication mechanism called DomainKeys Identified Mail (DKIM) Signatures . The new spec is supposed to help in fighting both spam and fraud. From Ars Technica: 'DKIM's precursor, DomainKeys, was originally developed by Yahoo. The specifications for DKIM were then extended by an informal group of IT organizations that included companies like Yahoo, Cisco, EarthLink, Microsoft, and VeriSign, among others. It was first submitted by the group to the IETF in mid-2005, but only recently published by the IETF. The spec is still to be incorporated into a more formal draft and submitted for approval, however.'"

Re:Prefer SPF

[MightyMartian]

SPF is protecting 8 million domains

I think the proper phrase is "SPF has cluttered up the TXT field of 8 million domain records, most of them with NEUTRAL because no one has the balls to actually let this creature roam the Internet without a heavy chain".

I believed in SPF about three years ago, but it became very clear that it (and Sender ID too) wouldn't do a damn thing, and Domain Keys seems no different.

Re:Prefer SPF

[MightyMartian]

The problem with putting your eggs in a basket is that it you're putting a helluva lot of trust in a system which is nothing more than a good neighbor policy. A lot of guys I know simply put in SPF records that set them to neutral, because they were ISPs who had clients who were sending from various restrictive networks that blocked them (yes I know, switching ports, SMTP auth and all that ought to do the trick, but we're in the real world here). SPF wasn't perfect, and forwarding was a major failure that was only solved by envelope-rewriting.

I adopted SPF on the domains I ran early on too, not because I thought it would do a damn thing, but because I didn't want to get screwed by some anal-retentive at RoadRunner who decided to start blocking everything that didn't come from an SPF-record holding domain.

SPF, SenderID and DomainKeys probably could have a good deal more success if they were more widely adopted, but they still wouldn't stop some of the big sources of spam. Even with that in place, the mail system is still vulnerable. We were getting such a high volume of distributed dictionary attacks at the place I worked at that we literally had to hide our mail server behind some Postfix proxies which did nothing more than reject hundrds of thousands (and some days millions) of individual attacks per day.

Re:Will my ISP Quit Blocking Port 25, Finally?

[killjoe]

Here is what I would like.

If an IP address makes more then X connections to my SMTP port at the same time it gets routed to a teergrube.
If an IP address attempts to send email to Y number of invalid users it gets routed to a teergrube.
If an IP address sends me Z number of spam as marked by spamassassin it gets routed to a teergrube.
If an IP address is on the RBL of my choice it gets routed to a teergrube.

And of course a teergrube which can handle a few hundred simultaneous connections and keep them busy for hours.

If we all had all this then at least we could make a dent in the amount of spam going out.

Users are not bothered by spam?

[Gary+W.+Longsine]

I find it difficult to believe that most users are not bothered by spam. As far as I can tell, legitimate email use has been falling dramatically for the past couple years, as people flee the effects of spam, switching to SMS and IM (Jabber, AIM, etc.) Email use within a single corporation remains popular, but home users seem to be abandoning email outright. Some people have given up ordinary email and only use locked-down email inside of social network sites. Spam seems to be killing email. If that doesn't bother people, it's only because they fled email for IM, SMS, and Myspace. If spam follows them, and they have nowhere else to run, they're going to become pretty irate.