October 10, 2005

Anti-spam is Useless

The Register reports that claims that user authentication schemes will reduce spam are not just wrong but "wrongheaded."

User authentication schemes such as SPF (Sender Policy Framework) and Sender ID check if machines are allowed to send email from a claimed domain - a kind of caller line identification - but "this doesn't tell you who the actual sender was or the spamminess of a message," said Nick FitzGerald, of Computer Virus Consulting in New Zealand.

Worse, botnets - networks of "zombie" PCs controlled by hackers - "screw anti-spam authentication," he noted. "User authentication is worse than nothing at all. For example, SPF is broken before implementation because it's not just breakable but trivial to break," he said. The Register
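
As an added illustration (not code from this post or from The Register article), here is a simplified SPF evaluation in Python. It handles only the ip4, ip6 and all mechanisms and runs over constructed TXT records for documentation domains and addresses, and it shows what the check takes as input: the connecting IP address and the claimed domain, and nothing about the message or its author.

```python
import ipaddress

# Constructed TXT records (assumed sample data, not real DNS answers).
SAMPLE_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 -all",
    "example.net": "v=spf1 ip4:198.51.100.7 ~all",
    "example.org": "v=spf1 ?all",
}

# SPF qualifier prefix -> result name.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip, claimed_domain, txt=SAMPLE_TXT):
    """Simplified SPF check: is client_ip authorized by claimed_domain's record?

    Only the connecting IP and the claimed domain are inputs; the message
    body, its headers and the human sender never enter the decision.
    """
    terms = txt.get(claimed_domain.lower(), "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # domain publishes no SPF record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        # a, mx, include, ... need live DNS lookups and are skipped in this sketch
    return "neutral"  # no mechanism matched


if __name__ == "__main__":
    for ip, domain in [("192.0.2.25", "example.com"),
                       ("203.0.113.9", "example.com"),
                       ("203.0.113.9", "example.net")]:
        print(ip, domain, check_spf(ip, domain))
```

A "pass" here says only that the domain's own record lists the connecting host, so a receiver can use it as a key for per-domain reputation or filtering but not as a spam verdict.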