Yahoo Pushing Ahead With Email Authentication Plan
from the someone-had-to-do-something dept
For the past few years, various parties (users, companies, governments) have been saying that we need to do something about spam. However, every time they get together, the argument gets bogged down over things like “well, how do we define spam?” or the government comes up with some sort of quick and dirty law that does nothing to help the situation. Well, now, it appears that Yahoo has had enough of the various consortiums and groups trying to deal with the spam problem and realized, “hey, we’re a pretty big email player – maybe we can just force through a plan.” They’re working on an authentication scheme that would let senders prove they are who they say they are – which would make those who aren’t authenticated more suspect. They’re also pushing the solution out to others to try to make it a sort of de facto standard. On the whole, this doesn’t seem like a bad idea. If you could block out all the forged email, it would get rid of an awful lot of spam. Then, any of the spam that does get through could be tracked down more easily as well.
Comments on “Yahoo Pushing Ahead With Email Authentication Plan”
SMTP Auth
ISP’s and anyone else running a mailserver have the option of turning on authentication so that one has to authenticate before being able to send an email. If ISP’s haven’t bothered to enforce this I see little reason why they would implement the Yahoo initiative.
So I don’t think this will go anywhere at all. Not to mention that Yahoo is doing this on their own with little or no input from anyone else.
how does this help?
The article doesn’t say how this will stop spam except for the small number of people who use a whitelist and accept email only from people they already know. ISP’s can already boot customers who send spam. Some even do.
Re: how does this help?
Yahoo already uses a sort of tiered model, where bulk mail is delivered to a special directory but not automatically deleted. The same approach could be a useful refinement to the whitelist approach: instead of blocking mail from anyone you don’t know, that other mail would simply be dropped into a special directory, that you could look through less frequently. That’s a whitelist approach I would actually use. What doesn’t interest me is any system that automatically deletes or blocks what it identifies as spam, since I don’t trust an automated system to make that decision with 100% accuracy.
No Subject Given
Yahoo employee Jeremy Zawadny has a not too positive opinion of this at http://jeremy.zawodny.com/blog/archives/001169.html
Interesting Concpet
I think the idea with an authentication system is, that it will reduce the number of mails that need to be filtered. Right now, there is no way to tell if an email is who it says it is.
With this system yahoo won’t have to filter anythign that comes from them.
If MS Exchange would adopt this, 75% of all email would be authenticated. This only leaves 25% of emails that have the possibility of being from a rogue server.
email address with my own name
exanple: waynemorgan47@axiomemployment.com