Educause Security Discussion mailing list archives
Re: Phishing, Spam Solutions
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 18 Jun 2013 13:56:08 -0400
On Wed, 12 Jun 2013 15:45:29 +0900, Katsuya Uchida said:
> Some idea is to set email authentication. I heard that the email authentication rejects 90% of spam mails.
Which is a good reason *not* to rely on them, as other methods manage to reject 99% or better of spam. Anything that's only rejecting 90% of spam these days is considered horrible.
> What is email authentication (Sender ID, DomainKeys/DKIM, SPF) and how do I set it up? http://help.campaignmonitor.com/topic.aspx?t=88
There are several problems with these:

1) Some of the solutions don't actually provide the assertion that you think they do (in particular, SPF has this problem - it does what it claims, but what it claims isn't what most people think it does).

2) None of them are of sufficient maturity or widespread adoption that you can actually get away with saying "We will not accept mail from the exterior unless it has authentication XYZ". At best, what you can do is score a few "might be spam" points if a given piece of mail *fails* a given authentication (a corrupted/incorrect DKIM signature, a violated SPF constraint and so on).

About the only exception is that you *sometimes* can get away with saying "All mail claiming to be from example.edu must have originated from within example.edu's campus network". But that won't stop spam claiming to be from anyplace else (and still has to deal with the compromised user problem, where it's very difficult to tell the difference between a legitimate user submitting an e-mail from off campus over a VPN connection and a spammer using a legitimate user's credentials (often from the user's own machine) over a VPN connection).
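The scoring approach described in the message above, as an added sketch that is not part of the original post: authentication failures add a few points, absent authentication adds none, and only mail claiming a local From address is held to the campus-origin rule. The weights, the `mx.example.edu` authserv-id and the 192.0.2.0/24 "campus network" are assumptions chosen for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration only; none come from the post.
LOCAL_DOMAIN = "example.edu"
TRUSTED_AUTHSERV = "mx.example.edu"          # our own border MTA's authserv-id
CAMPUS_NETS = [ipaddress.ip_network("192.0.2.0/24")]
FAIL_POINTS = {"spf": 1.5, "dkim": 1.0}      # "a few points", never a reject
OFF_CAMPUS_LOCAL_FROM = 5.0

_RESULT = re.compile(r"\b(spf|dkim)\s*=\s*([a-z]+)", re.I)

def auth_results(msg):
    """Map method -> set of results, using only headers our own MTA added."""
    found = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, body = header.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # a sender can forge this header; ignore foreign ones
        for method, result in _RESULT.findall(body):
            found.setdefault(method.lower(), set()).add(result.lower())
    return found

def score(raw_message, client_ip):
    msg = message_from_string(raw_message)
    results, points, reasons = auth_results(msg), 0.0, []
    for method, weight in FAIL_POINTS.items():
        seen = results.get(method, set())
        # Missing or "none" is normal for most mail and scores nothing.
        if "fail" in seen and "pass" not in seen:
            points += weight
            reasons.append(method + "=fail")
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    on_campus = any(ipaddress.ip_address(client_ip) in n for n in CAMPUS_NETS)
    # A compromised account on the VPN arrives on-campus and passes this check.
    if from_domain == LOCAL_DOMAIN and not on_campus:
        points += OFF_CAMPUS_LOCAL_FROM
        reasons.append("local From, off-campus origin")
    return points, reasons

# Constructed sample messages (not real mail).
SPF_FAIL = ("Authentication-Results: mx.example.edu; spf=fail; dkim=none\n"
            "From: promo@bulk.example.net\nSubject: offer\n\nhi\n")
NO_AUTH = "From: friend@example.org\nSubject: lunch\n\nhi\n"
SPOOFED_LOCAL = ("Authentication-Results: mx.example.edu; spf=pass\n"
                 "From: helpdesk@example.edu\nSubject: reset\n\nhi\n")
```

In `SPOOFED_LOCAL` the SPF result is a pass, because SPF evaluates the envelope sender's domain rather than the From header the recipient sees; only the origin check flags it.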