[GTER] Yahoo! Domain Keys

Marcelo Estanislau marcelo at standardnet.com.br
Wed Nov 17 12:56:00 -02 2004


Buenas...

Acredito que com a implementação de SPF e principalmente de DK irá 
niquelar muitos dos spams. Jogada brilhante do pessoal do Yahoo! em 
criar essa tecnologia com par de chaves (digamos que eles aperfeiçoaram 
o SPF). Alguma novidade para o postifix?

Alexandre Hautequest wrote:

>Comentarios?
>
>A turma do Sendmail ja tem implementacao (
>http://sendmail.net/dk-milter/ ), outros MTAs devem receber em breve tal
>acessorio.
>
>http://antispam.yahoo.com/domainkeys
>
>DomainKeys: Proving and Protecting Email Sender Identity
>
>Email spoofing - the forging of another person's or company's email
>address to get users to trust and open a message - is one of the biggest
>challenges facing both the Internet community and anti-spam
>technologists today. Without sender authentication, verification, and
>traceability, email providers can never know for certain if a message is
>legitimate or forged and will therefore have to continually make
>educated guesses on behalf of their users on what to deliver, what to
>block, and what to quarantine, in the pursuit of the best possible user
>experience.
>
>DomainKeys is a technology proposal that can bring black and white back
>to this decision process by giving email providers a mechanism for
>verifying both the domain of each email sender and the integrity of the
>messages sent (i.e,. that they were not altered during transit). And,
>once the domain can be verified, it can be compared to the domain used
>by the sender in the From: field of the message to detect forgeries. If
>it's a forgery, then it's spam or fraud, and it can be dropped without
>impact to the user. If it's not a forgery, then the domain is known, and
>a persistent reputation profile can be established for that sending
>domain that can be tied into anti-spam policy systems, shared between
>service providers, and even exposed to the user.
>
>For well-known companies that commonly send transactional email to
>consumers, such as banks, utilities, and ecommerce services, the
>benefits of verification are more profound, as it can help them protect
>their users from "phishing attacks" - the fraudulent solicitation for
>account information, such as credit card numbers and passwords, by
>impersonating the domain and email content of a company to which users
>have entrusted the storage of these data. For these companies,
>protecting their users from fraud emails translates directly into user
>protection, user satisfaction, reduced customer care costs, and brand
>protection.
>
>For consumers, such as Yahoo! Mail users or a grandmother accessing
>email through a small mid-western ISP, industry support for sender
>authentication technologies will mean that they can start trusting email
>again, and it can resume its role as one of the most powerful
>communication tools of our times.
>
>
>  
>


-- 
Marcelo Estanislau Geyer
marcelo at standardnet.com.br
Standard Net Tecnologia e Informação
http://www.standardnet.com.br



More information about the gter mailing list