Spammers using new email authentication protocol

Spammers are using Sender Policy Framework (SPF), a new email authentication protocol, to make their messages appear legitimate, according to a study by email security firm MX Logic.

Of the more than 400,000 spam messages that MX Logic filtered between Aug. 29 and Sept. 3, 16 percent had published SPF authentication records.

While SPF helps prevent domain spoofing in email and makes it easier to identify phishing attacks by authenticating an email's source, it does not cure the spam problem, MX Logic executives said.

In order for authentication to stem the spam tide, the industry will need to agree on an authentication standard and "also on accreditation and reputation services that can vouch for the domain's SPF record as well as email sending history," Scott Chasin, MX Logic CTO, said in a prepared statement.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.