E-mail sender authentication: It works but doesn't stop spam

A growing number of companies are using e-mail authentication protocols to help verify the Internet domain in an e-mail sender's address, but that is not keeping spam out of mailboxes.

Those are among the findings in an analysis of millions of e-mails by CipherTrust Inc. of Alpharetta, Ga.

The study focused on the effectiveness of Sender Policy Framework, a protocol supported by CipherTrust's IronMail e-mail security appliance.

SPF is effective in identifying spoofed e-mail addresses, but if spammers publish SPF records with legitimate domains, their spam is passed through the system.

And spammers appear to be among the early adopters of SPF.

'According to CipherTrust research, 34 percent more spam is passing SPF checks than legitimate e-mail,' the study found.

SPF allows a domain-holder, either an enterprise or individual, to publish a list of IP addresses from which e-mail can legitimately be sent from that domain. Servers receiving e-mail can check the published list to see if the sender's address is good. If the address does not appear on the domain's SPF list, it has been spoofed and can be rejected.

The technology still is in the early stages of deployment. A CipherTrust survey of Fortune 1,000 companies in April found only 11 had published SPF records to enable their e-mail to be authenticated. In August, that number had climbed to 31.

A new contender in authentication is the Sender ID Framework, a combination of Microsoft Corp.'s proposed Caller ID for E-mail protocol and SPF, along with a specification called Submitter Optimization.

CipherTrust conducted its study on messages collected from more than 1,000 customers using its IronMail appliance between May and August. Although relatively few domains have published SPF records, nearly 5 percent of e-mail messages identified as spam came from domains using SPF. Of those, 1.3 percent had been spoofed, and 3.6 percent were genuine, indicating that spammers are publishing SPF records at a higher rate than noncommercial e-mailers.

The use of authentication protocols could help fight fraud. It will not necessarily stop spam, but it could help to keep the spammers honest.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected