ietf-asrg
[Top] [All Lists]

[Asrg] DNS-based Email Sender Authentication Mechanisms: a Critical Review

2009-05-24 11:58:23
Hi guys, I wrote a `critical review' of SPF, DKIM and Sender-ID Framework
(SIDF); it's in process of publication at `computer & security`, you can see
it at http://dx.doi.org/10.1016/j.cose.2009.05.002 (pending editing, final
changes etc.). Nothing much new, just an attempt to provide a
fair-yet-critical survey, hopefully to help clarify this important subject.
Comments will be most welcome. Abstract below.

Amir Herzberg

Title: DNS-based Email Sender Authentication Mechanisms: a Critical Review

Abstract

We describe and compare three predominant email sender authentication
mechanisms based on DNS: SPF, DKIM and Sender-ID Framework (SIDF). These
mechanisms are designed mainly to assist in filtering of undesirable email
messages, in particular spam and phishing emails.We clarify the limitations
of these mechanisms, identify risks, and make recommendations. In
particular, we discuss potential abuse of these mechanisms to facilitate DNS
poisoning, and suggest countermeasures.

-- 
Amir Herzberg
Associate Professor, Dept. of Computer Science
Bar Ilan University
http://AmirHerzberg.com
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg