December 21, 2004


Liz Powers

Hi, I just read your 2005 Predictions.

Why process email that you can identify as 100% fraudulent? Where not all spam is sent using a fraudulent source address, all email sent with a fraudulent email source address is spam. According to the APWG, 95% of all phishing attacks come from fraudulent email addresses. What are your thoughts on the following? Thank you.

Mail Authentication Protocol, or MAP, is an email authentication system that executes at the mail gateway (MTA) to authenticate all inbound mail messages. MAP requires no changes in Internet protocols or any modification in the behavior of SMTP. MAP has been successfully deployed for two years by ICS Network Systems' Mail Sentry² service. MAP continues to protect hundreds of enterprises by blocking millions of fraudulent email messages.

MAP uses a series of verification tests, operating in real time, that determine if an email is attempting to be sent using a false, forged, or unverifiable sender address, or sent from a compromised/zombie PC. This method eliminates quarantining and disposition issues, and MAP generates a detailed and complete log of all email traffic, accepted or rejected.

MAP evaluates the complete sender address, the sender domain’s DNS resource records including SPF records if available, connecting host IP address and host PTR records (reverse DNS), to then authenticate every email.

· MAP blocks delivery (and simultaneously alerts the sender) of all inbound messages determined to be false, forged, unverifiable or issuing from a compromised PC (zombie).
· MAP operates in real time, testing all messages sent to a protected server
· MAP authenticates the original sender
· MAP authenticates the connecting host
· MAP authenticates the SPF Record, if one is published
· MAP authenticates whether sender domain has published bona-fide MX records
· MAP tests the MX hosts to determine if they are properly configured (real)
· MAP authenticates the fully qualified sender address to test if the fully qualified sender address is valid per the MX host
· MAP alerts the sender of any email that is being "blocked"
· MAP logs all "blocked" traffic
· MAP does not evaluate message content
· MAP delivers immediate benefits to any size organization by eliminating over 60% of all email traffic received by a network, resulting in reduced bandwidth needs, conserving server capacity and lowering overall IT costs.

ICS Network Systems, Inc.
620 Johnson Avenue
Bohemia, New York 11716
(631) 589-9800 or 631 875 8753
http://www.mailsentry.com/MAP.html mapinfo@icsnetsys.com



MAP sounds interesting. How does it look at messages authenticated with SPF or Sender ID? What if a spammer is using a valid SPF record with their temporary domain?
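A sketch of connection-time checks of the kind the comment lists (MX presence, forward-confirmed PTR, SPF), added here as an illustration and not MAP's own code; the DNS table, the `.test` domains and the function names are constructed, and SPF is reduced to `ip4` and `-all`. It also covers the case raised in the reply above: a throwaway domain with its own valid SPF record passes every check.

```python
import ipaddress

# Constructed DNS snapshot (not real data), standing in for live lookups.
DNS = {
    "mx":  {"example-bank.test": ["mail.example-bank.test"],
            "throwaway.test": ["mx.throwaway.test"]},
    "a":   {"mail.example-bank.test": "192.0.2.10",
            "mx.throwaway.test": "203.0.113.7"},
    "ptr": {"192.0.2.10": "mail.example-bank.test",
            "203.0.113.7": "mx.throwaway.test"},
    "spf": {"example-bank.test": "v=spf1 ip4:192.0.2.0/24 -all",
            "throwaway.test": "v=spf1 ip4:203.0.113.7 -all"},
}

def spf_result(domain, ip):
    """Simplified SPF: only ip4 mechanisms and a trailing -all are evaluated."""
    record = DNS["spf"].get(domain)
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        if term.startswith("ip4:") and addr in ipaddress.ip_network(term[4:], strict=False):
            return "pass"
    return "fail" if record.endswith("-all") else "neutral"

def ptr_confirmed(ip):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the IP."""
    name = DNS["ptr"].get(ip)
    return name is not None and DNS["a"].get(name) == ip

def evaluate(mail_from, client_ip):
    """Return (verdict, reason) for one connection; message content is never read."""
    domain = mail_from.rpartition("@")[2].lower()
    if not DNS["mx"].get(domain):
        return "reject", "sender domain publishes no MX"
    if not ptr_confirmed(client_ip):
        return "reject", "connecting host has no confirmed PTR"
    if spf_result(domain, client_ip) == "fail":
        return "reject", "SPF fail"
    return "accept", "sender domain and host verified"
```

Because these checks authenticate the domain and host rather than the sender's intent, `evaluate("offer@throwaway.test", "203.0.113.7")` is accepted; domain reputation or age has to be judged separately.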



The increase will become evident for most subscribers in 2005 and more of them will treat messages that are irrelevant or come too frequently as spam.

