Sender Protection Framework Favored By Spammers

Gretchen Gallen
CYBERSPACE – Industry analysts have recently pinpointed a popular new strategy spammers and phishers are using in the so far unstoppable spam war. A recent study says that spammers are using Sender Protection Framework in greater numbers than previously known, with 38 percent more spam messages registering SPF records than other mail.

Analysts have expressed concern over this growing trend partly because the framework was originally thought to prevent spam.

SPF is an extension of Simple Mail Transfer Protocol (SMTP) for sending email between servers. SPF was intended to stop spammers from being able to forge the entry in the "from" field of an email through an Internet Protocol authentication process that determines which computers are authorized to send email from a specific domain. Although eWeek states that SPF cannot stop a spammer from sending emails from a domain in which it is a member.

According to the terms of the framework, the domain sending email must first establish an SPF record published in the Domain Name Server. If the email comes from a domain that is not authorized, the DNS server will not forward the email to its requested destination.

This new trend could possibly indicate that SPF will prove futile as a weapon against spam, analysts say, urging companies to change their techniques when it comes to spam prevention by being more concerned with what email is filtered into their systems, rather than what is filtered out.

A report from Denver, Colorado-based MX Logic Inc. a developer of spam blocking technology, has stated that 10 percent of all spam includes such SPF records, recommending that businesses now resort to reputation analysis as a tool against blocking spam. Reputation analysis rates the reputation of the email sender based upon the percentage of spam messages previously sent from that IP address.

Although MX Logic also warned that authentication and reputation analysis alone were not enough to stymie spammers.

“Reputation analysis is an important weapon in the anti-spam arsenal when used as a complement to traditional content-based email filtering,” said Scott Chasin, CTO MX Logic. “Email defense technology is evolving very rapidly. No one technology is a panacea - they all have their strengths and their limitations. Buyers should be wary of any one filtering technology being touted over others and should look for anti-spam solutions that offer diversified multiple layers of defense that can constantly incorporate the latest and greatest filtering techniques.”

MX Logic has also been an outspoken critic of the so-far unsuccessful Can-Spam Act, stating that by July, compliance with terms of the new anti-spam law fell for the first time to less than 1 percent.