Two Google security researchers report that a pair of authentication standards designed to help combat spam and phishing attacks are being widely adopted.
Industry players and standards organizations began working in 2004 to get email providers to adopt a number of authentication standards, such as DomainKey Identified Email (DKIM) and Sender Policy Framework (SPF), which would help prevent email address impersonation. Google researchers Elie Bursztein and Vijay Eranti say adoption of both DKIM and SPF is rising, and they estimate that 91.4 percent of the nonspam email sent to Gmail users now comes from authenticated senders.
The researchers note that more than 3.5 million domains are using the SPF standard, accounting for 89.1 percent of email sent to Gmail, and more than 500,000 domains are using DKIM, accounting for 76 percent of email sent to Gmail. Nearly 75 percent of incoming email is authenticated using both standards, and about 80,000 domains also allow Google to use the Domain-based Message Authentication, Reporting, and Conformance (DMARC) standard to reject unauthenticated emails.
Bursztein and Eranti say the widespread adoption of these authentication standards has made it easier to block the billions of spam and phishing emails sent every year.
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA