by Daniel Ingevaldson - CTO at Easy Solutions - Friday, 23 January 2015.
It is a rare thing to be given the opportunity to right a historic wrong. The root of essentially every Internet security issue in history is the same—architects try to build fundamentally sound concepts, engineers try to strip out complexity, and developers just try to get their code to compile. Security is and always will be a secondary concern to primary functionality. This is not an editorial about how security should be “baked in”. There is only so much time in the day, so much room in the specification, so much code you can write before you have to ship.
The early IETF groups that defined core Internet standards around SMTP undoubtedly pondered the integration of authentication into the core spec, but were more worried about building a sufficiently simple, scalable solution that developers would implement and people would use. Email security is really, really hard, which is why we are still talking about it 20 years after SMTP was standardized.
Full Article.
DMARC: The time is right for email authentication
Userlevel 7
+54
Userlevel 7
+54
2/26/2015 Daniel Ingevaldson
Providers of more than 3 billion email boxes have taken up a new Internet protocol to help put trust back into electronic messaging.
While email is a mission-critical communication channel for most companies, it has also become an untrusted one. Thanks to spam and phishing scams, users are taught to be wary of incoming messages. This lack of trust impacts a company’s ability to effectively communicate, market, and sell to customers via email. DMARC (Domain Message Authentication Reporting and Conformance) stands to change all that.
Providers of more than 3 billion email boxes have taken up DMARC to help put trust back into email. DMARC is an Internet protocol specification that is going through the IETF standardization process. It provides visibility into email flows, and can tell receiving servers to delete spoofed messages immediately upon receipt, thus ensuring that only legitimate emails are delivered to inboxes.
Full Article
Providers of more than 3 billion email boxes have taken up a new Internet protocol to help put trust back into electronic messaging.
While email is a mission-critical communication channel for most companies, it has also become an untrusted one. Thanks to spam and phishing scams, users are taught to be wary of incoming messages. This lack of trust impacts a company’s ability to effectively communicate, market, and sell to customers via email. DMARC (Domain Message Authentication Reporting and Conformance) stands to change all that.
Providers of more than 3 billion email boxes have taken up DMARC to help put trust back into email. DMARC is an Internet protocol specification that is going through the IETF standardization process. It provides visibility into email flows, and can tell receiving servers to delete spoofed messages immediately upon receipt, thus ensuring that only legitimate emails are delivered to inboxes.
Full Article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.