Wednesday, October 27, 2004


The Return of Caller ID and other alternatives

Microsoft's original Caller ID for e-mail wasn't approved, so they have merged their proposal with the Sender Policy Framework (SPF) written by Meng Weng Wong and Mark Lentczner. Have a look at the Sender ID Framework Executive Overview for a quick intro to what Sender ID is.

My thoughts on it? Spam sucks and there must be a way to fight it. Sender ID may be a step in the right direction, as it makes it easier to detect spam by automatic systems, but it does not prevent spam from being sent. It would be a lot better to kill the spam before it even reaches the internet. These days a lot of spam is sent by trojans and virus-infected PCs with fast internet connections. There is, as far as I can see, no reason why any person or small company with a consumer broadband connection needs to send more than 1 mail every minute. Large companies are a different story, but they don't have a consumer internet connection.

Internet Service Providers could block all outgoing traffic on port 25 and force clients to use their SMTP server with authentication to send mail. Mail clients are getting more secure, so trojans and viruses no longer use OLE Automation to send mail but rely on their own spam-sending SMTP client. SMTP authentication would fix the problem, as they can't send mail directly to the internet anymore and they don't know the user name or password needed to use the ISP's SMTP server. Even if they magically found the username and password, the damage would be limited, as an infected host could only send 1 mail a minute and not several per second like they do now. Filtering is trivial, as the ISP can work at the mail server level and not at the TCP/IP level.
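The per-account limit described above, sketched as a check on the ISP's authenticated relay. This is an added example, not code from the original post; the account names, the `FLAG_AFTER` threshold and the sample events are constructed assumptions.

```python
from collections import defaultdict

MIN_INTERVAL = 60.0  # seconds between accepted mails per account ("1 mail every minute")
FLAG_AFTER = 3       # assumption: rejections before an account is reported as likely infected


class OutboundLimiter:
    """Per-account limiter for an authenticated outbound SMTP relay."""

    def __init__(self, min_interval=MIN_INTERVAL, flag_after=FLAG_AFTER):
        self.min_interval = min_interval
        self.flag_after = flag_after
        self.last_accept = {}             # account -> time of last accepted mail
        self.rejected = defaultdict(int)  # account -> number of refused submissions

    def submit(self, account, ts):
        """Return True if a mail submitted by `account` at time `ts` is relayed."""
        last = self.last_accept.get(account)
        if last is not None and ts - last < self.min_interval:
            # Too soon after the previous accepted mail: refuse and count it.
            self.rejected[account] += 1
            return False
        self.last_accept[account] = ts
        return True

    def flagged(self):
        """Accounts whose refusal count suggests an automated sender."""
        return sorted(a for a, n in self.rejected.items() if n >= self.flag_after)


# Constructed sample: (seconds since start, authenticated account), in time order.
SAMPLE_EVENTS = [
    (0, "alice"), (1, "bot-pc"), (2, "bot-pc"), (3, "bot-pc"), (4, "bot-pc"),
    (30, "alice"), (61, "bot-pc"), (62, "bot-pc"), (95, "alice"),
]


def replay(events):
    """Run events through a fresh limiter; return (accepted per account, flagged)."""
    limiter = OutboundLimiter()
    accepted = defaultdict(int)
    for ts, account in events:
        if limiter.submit(account, ts):
            accepted[account] += 1
    return dict(accepted), limiter.flagged()


if __name__ == "__main__":
    accepted, flagged = replay(SAMPLE_EVENTS)
    print("accepted:", accepted)
    print("flagged:", flagged)
```

The refusal counter doubles as a detection signal: an account that keeps hitting the limit is a candidate for notifying the customer about a possible infection.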

I already use a similar setup on my LAN but I haven't gotten around to writing the outbound mail filter yet. You can reduce the chance of becoming a spam-spewing bot by denying all outgoing connections to port 25 unless it is to your ISP's mail server.

Other documents recently posted by Microsoft:
