Maybe We Should Just Trash All Authenticated Email

from the one-way-to-fix-spam dept

For the most part, sender authentication techniques have been a joke. The early adopters were spammers themselves. While some people claimed this meant that those spammers were “outed” it doesn’t seem like anyone actually did much about them. Now, though, a marketing trade group is requiring its members to start using sender authentication techniques in any marketing emails. While this may seem like a way to further give these authentication systems legitimacy, it might actually do the opposite. Suddenly, all the marketing messages that people get will be authenticated as well — and since many people consider even these more “legitimate” messages as spam, it may just reach a point where an authenticated message is an indicator that the email message is not wanted.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Maybe We Should Just Trash All Authenticated Email”

Subscribe: RSS Leave a comment
Jesse McNelis (user link) says:

This is only a problem if...

This is only a problem if people continue to send unauthicated emails.
The email authication is quite important but just like SSL doesn’t create trust it only allows for trust to be maintained.
ie. if a spammer sends you an email you can verify that it came from the spammer, but this is no reason to trust the spammer.

Nate says:

You should know better

Why does everyone think e-mail authentication is an anti-spam technique? It?s purpose is clear: to prevent forgeries, i.e. authenticate the sender.

There is some overlap between that and the spam world, but not much. I think a lot of big companies want to use it to ensure that nobody abuses their domain name and/or trademark.

Dana Nowell says:

Re: Re: You should know better

Actualy it IS one if implemented with certain simple additions. Specifically, if I KNOW the email came from address X (authenticated) and I know that address sends SPAM, I can blacklist that address in my mail agent. Sendmail, postfix, and most others have the concept of an access list. Add that domain to the access list with a ‘deny’, problem solved.

Anonymous Coward says:

Re: Re: Re: You should know better

‘problem solved’
spammers churn throught servers by the thousands – constantly buying new blocks of IPs and domain names. the black list will ALWAYS be behind the curve, it is impossible to catch up. you will ALWAYS receive spam.
sender authentication is a complete waste of time and resources and only:
1) helps the spammers
2) prevents more legit mail from being delivered (stupid aol)

not a difficult concept!

Anonymous Coward says:

Re: Re: You should know better

Ok, I’ll just set my server to only accept authenticated emails – then i’ll start missing over half of all legit mail that comes to me.

oh, ok, then i’ll block all email from servers owned by spammers – because that’s not a huge moving target or anything.

the problem won’t get fixed. use a junk mail filter and get on with your lives.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...