Anti-Spam Technical Alliance Publishes Industry Recommendations
To Help Stop Spam
Yahoo!, Microsoft, EarthLink and AOL Propose Key Best Practices
and Technologies to Tackle The Problem of Unsolicited Commercial
E-Mail
Sunnyvale, CA, Redmond, WA, Atlanta, GA, and Dulles, VA -- June 22,
2004 -- The Anti-Spam Technical Alliance (ASTA), whose participants
include Yahoo! Inc. (Nasdaq "YHOO"), Microsoft Corp. (Nasdaq
"MSFT"), EarthLink (Nasdaq "ELNK") and America Online Inc. (NYSE
"TWX"), today unveiled the result of more than a year of close
collaboration by presenting a host of detailed best practices and
technical recommendations for the entire industry in an effort to
fight the scourge of spam.
The proposal provides recommended actions and policies for
Internet service providers (ISPs) and e-mail service providers
(ESPs) as well as large senders of e-mail including governments,
private corporations and online marketing organizations. These
recommendations primarily focus on two key issues: helping solve
the e-mail forgery problem by eliminating domain spoofing through
Internet Protocol (IP)-based and signature-based solutions; and
best practices to help prevent ISPs and their customers from being
sources of spam.
Laptop Battery The complete ASTA proposal can be found at each adopting
company's Web site:
- Spam is not going to disappear from inboxes, nor is the volume of spam going to decrease in the near future. Spammers will continue to look for new ways of evading antispam protection, and antispam experts will continue to repel spam attacks successfully.
- Probably no new spam technologies will appear in 2007. However, the technologies currently being used will be developed further.
- It seems likely that spammers will continue developing graphical spam, even though there is little reason to see this as a particularly promising route for spammers.
Thinkpad * http://antispam.yahoo.com
*
http://download.microsoft.com/download/2/3/7/23779c05-d409-46ce-b9d6-c24908789d8b/ASTA
Statement of Intent.pdf or http://www.microsoft.com/spam
* http://www.earthlink.net/spamblocker
* http:// corp.aol.com/press/press_release062204.html
Blocks 100% of Spam"Best AntiSpam Software" Computer Shopper ( 2006) use spam filter that makes sure you get messages from people you know, while redirecting messages from people you don't. Spam does it for you. And it works seamlessly with Microsoft Outlook and Outlook Express to stop unwanted junk mail and fraudulent phishing scams, letting you take control of your Inbox. PC Magazine Editors' Choice Award 3 years running!"[ Spam]* beat both Norton Antispam and McAfee SpamKiller Home in a comparison test of ten antispam software products."- Best Getest Computer!
Microsoft ASTA was founded in April 2003 to bring together key industry
stakeholders to drive technical standards and promote collaboration
in the development of industry guidelines to address the spam
problem. Current members include leading technology companies such
as America Online, British Telecom, Comcast, EarthLink, Microsoft
and Yahoo!.
As a rental organization ICC has kept strong focus on service by following strict quality control procedures and providing 24 hour a day, 7 day a week technical support on every computer rental. Feel secure when renting a computer from iccrents.com. Rent Laptops from Quick, 1000 laptops in stock, HP, CPQ, Dell, IBM, 24x7 Support, Same Day deliveries available nationwide. 20 years of experience.
Laptop Computers Comments
"With these proposed solutions, ASTA is taking a huge step toward
collective and enforceable technologies in reducing spam and e-mail
forgery," said Brad Garlinghouse, vice president of Communication
Products at Yahoo! Inc. "We are laying out clear best practices and
Good Neighbor policies that will help change the rules of the game
on spammers once and for all."
Description Have a friend with a laptop Do they always complain about the heat Cool them down with HandStands' Cool Lift. Designed to help promote air flow and reduce heat, the Cool Lift is perfect for notebook computers with the latest hot processors from Intel, AMD, Motorola, or IBM. Proof Shields for Laptops help prevent scratches from normal laptop use. Proof Shield. It even completely disappears when applied!
Laptop Computer "We believe that thanks to continued innovation and the ongoing
cooperation of governments and industry around the world, we are on
the right path to turn the tide against spammers - but further
change is needed on an industrywide basis to thoroughly contain the
problem for consumers and
businesses worldwide," said Ryan
Hamlin, general manager of the Anti-Spam Technology &
Strategy Team at Microsoft. "Our aim with this proposal is to
help lay out a clear framework for the industry as we continue
to work together to end the spam business and put our customers
back in control of their inboxes once again."
Even the existence of antispam legislation can’t stop spam; spam is a global phenomenon which is not subject to traditional geographical boundaries. According to Kaspersky Lab data, just 22% of all spam sent to the email addresses of Russian Internet users is sent from Russia. Another 20% comes from the US and 11% originates in China.
Desktop Computer "Today's announcement shows the industry's commitment to working
together to develop the best technical standards and practices that
all providers can use to stop spam," said Linda Beck, executive
vice president of Operations at EarthLink. "By collaborating on new
ways to better identify the origin of messages, we can help lift
the veil of anonymity on spammers and restore the integrity of
e-mail. We encourage continued testing and public discussion in
order to move toward industry-standard technical solutions."
Notebooks "This announcement opens an entirely new chapter in spam
fighting on behalf of all online consumers. Spam is an industrywide
challenge that merits an industrywide solution. Creating a set of
best practices puts us on a clear glide-path to winning a major
battle against spammers, scammers and spoofers," said Matt Korn,
executive vice president, Network & Data Center Operations at
America Online. "This proposal also shifts the spam fight toward
identifying legitimate senders of e-mail to ensure prompt delivery
of their e-mail. Now we're going to focus on testing and evaluating
cost-effective technologies that can identify legitimate senders of
e-mail and help restore consumer trust in their e-mail
inboxes."
Lenovo About Microsoft
Founded in 1975, Microsoft (Nasdaq "MSFT") is the worldwide leader
in software, services and solutions that help people and businesses
realize their full potential.
Hard Drive About EarthLink"EarthLink revolves around you." Celebrating ten
years as a leading national Internet service provider (ISP),
Atlanta-based EarthLink has earned an award-winning reputation for
outstanding customer service and its suite of online products and
services. According to the J.D. Power and Associates 2003 Internet
Service Provider Residential Customer Satisfaction Study(SM),
EarthLink is ranked highest in customer satisfaction among
high-speed ISPs. Serving more than five million subscribers,
EarthLink offers what every user should expect from their Internet
experience: high-quality connectivity, minimal drop-offs and
ISP-generated intrusions, and customizable features. Whether it's
dial-up, high-speed, Web hosting, or wireless Internet service,
EarthLink provides the tools that best let individuals use and
enjoy the Internet on their own
terms. Learn more about
EarthLink by calling (800) EARTHLINK or visiting EarthLink's Web
site at http://www.earthlink.net/.
Travelstar About America Online
America Online Inc. is a wholly owned subsidiary of Time Warner
Inc. (NYSE: TWX). Based in Dulles, Virginia, America Online is the
world's leader in interactive services, Web brands, Internet
technologies and e-commerce services.
Gateway About Yahoo!
Yahoo! Inc. is a leading provider of comprehensive online products
and services to consumers and businesses worldwide. Yahoo! is the
No. 1 Internet brand globally and the most trafficked Internet
destination worldwide. Headquartered in Sunnyvale, Calif., Yahoo!'s
global network includes 25 world properties and is available in 13
languages.
Laptop Parts For more information, press only:
Mary Osako, Yahoo!, (408) 349-6255, mosako@yahoo-inc.com
Rapid Response Team, Waggener Edstrom for Microsoft, (503)
443-7070, rrt@wagged.com
Carla Shaw, EarthLink, (404) 748-7267,
Shawcm@corp.earthlink.net
Nicholas Graham, America Online, (703) 265-1746
Summary of ASTA Recommendations
ASTA's proposal focuses on two key issues: helping solve the
e-mail forgery problem by eliminating domain spoofing through
IP-based and signature-based solutions, and best practices to help
prevent ISPs and their customers from being sources of spam..
Recognizing that broad adoption of any technology or best practice
is critical to solving the spam epidemic, all members of ASTA have
agreed to the following recommendations:
Software Addressing E-mail Address Forgery
One of the key problems with today's e-mail infrastructure is that
messages do not contain enough reliable information to enable
recipients to decide whether an e-mail message is legitimate and
reliably identify the sender. Spammers take advantage of this fact
and commonly disguise the origin of their messages by forging the
sender addresses on their e-mail using someone else's domain name.
This is called "domain spoofing."
Hard Drives Although the problem of identifying the origin of e-mail is
complex, there are two promising new methods that organizations can
implement to lay a foundation for future advances and promote
authentication that verifies that senders of a message is who they
claim to be:
Electronics 1. Authenticating senders based on IP addresses.
Currently, the only trustworthy attribute in an e-mail message
header is the IP address of the server that is transmitting the
e-mail. IP addresses can therefore be used by e-mail receivers to
verify other attributes in the message header, such as the sending
domain, and thus help reduce the common forms of phishing and
forgery that are rampant today. This verification loop can be done
using the existing Domain Name System (DNS) infrastructure combined
with fairly simple changes to the receiver's e-mail systems.
Canon 2. Authenticating senders based on content signing.
Another approach to sender authentication uses a technology called
Content Signing (CS). CS systems use public/private key pairs to
generate the signatures that are used for sender verification. The
public keys may be made broadly available through a variety of key
exchange mechanisms or via publication in a directory or in DNS.
The private keys are stored securely on the domain's mail servers.
When a user sends an e-mail message, the mail server uses the
stored private key to automatically generate a digital signature
for the message. When the recipient's mail server receives the
e-mail message, it retrieves the sender's public key and uses it to
verify the digital signature in the message. This verifies both the
sender's identity and the integrity of the message body (that the
e-mail content was not modified during delivery).
Desktop Pc As with IP-based sender authentication, the companies believe
that content signing technologies are an important component of a
long-term industry solution.
Desktop Computers Throughout the process of implementing these technologies, ASTA
members will provide feedback that along with other industrywide
feedback will enable subsequent improvements to the specification
to be completed, with the goal of providing for the best long-term,
industrywide IP based authentication solution.
Think Pad It is the belief of this group that the ubiquitous deployment of
some or all of these proposals, combined with the most innovative
anti-spam filtering technologies and approaches, continued
litigation against the worst offenders, appropriate legislation and
other measures, will serve to reduce the economic incentives and
eliminate the entry points for spammers to continue their barrage
of unwanted communications. ASTA looks forward to the community
response to this proposal and invites participation from all
segments of the community to assess the validity and impact of
these proposed solutions and their accompanying technical
specifications.
Repair Addressing Spam Through Best Practices
In the proposal, ASTA recommends a number of best practices that
organizations should implement as applicable. Many of these
practices have already been adopted by responsible organizations
using e-mail today, but broader global adoption is necessary, as
the combined effect of implementing these approaches can serve to
minimize opportunities for spammers. Those who do not adopt these
proposals risk loss of online user confidence in the safe and
trusted exchange of e-mail for the entire community.
Data Recovery Specifically, ASTA's proposal outlines the
following:
Cisco * Recommendations for ISPs and mailbox providers and
organizations that provide Internet connectivity, such as
these:
o Block or Limit the use of Port 25
o Implement rate limits on outbound e-mail traffic
o Control automated registration of accounts
o Close redirectors that can be abused
o Close all open relays
o Configure proxies for internal network use only
o Detect compromised computers (zombies)
o Educate users to increase use of existing tools
o Develop effective complaint reporting systems
Keyboard
* Recommendations for legitimate bulk e-mail senders, such as
these:
o Do not harvest e-mail addresses through SMTP or other means
(defined as collecting e-mail addresses, usually by automated
means) without the owners' affirmative consent.
o Register your e-mail domain with a creditable safelist
provider.
o Always provide clear instructions to customers about how to
unsubscribe or opt-out of receiving e-mail. Promptly respond to
these requests.
o Do not use or send e-mail that contains invalid or forged
headers.
o Do not use or send e-mail that contains invalid or nonexistent
domain names in the From or Reply-To headers.
o Do not employ any technique to hide or obscure any information
that identifies the true origin or the transmission path of bulk
e-mail.
o Do not use a third
party's Internet domain name or
allow mail to be relayed from or through a third party's
equipment without permission.
o Do not send e-mail that contains false or misleading information
in the subject line or in its content.
o Monitor SMTP responses from recipients' mail servers. Promptly
remove all e-mail addresses for which the receiving mail server
responds with a 55x SMTP error code (e.g., "user doesn't
exist").
Monitor
* Recommendations for consumers, such as these:
o Install firewalls on PCs as appropriate.
o Use anti-virus software and other screening tools to detect
incoming viruses, malware, and harmful or suspicious code.
o Make use of spam filtering technologies and customize settings
that provide the appropriate level of protection needed.
Desktop Some of these recommendations are already part of laws in
various countries including the Controlling the Assault of
Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 in
the United States. However, the disparity between laws and the
absence of anti-spam laws in most countries means the industry
needs to come together and adopt consistent policies and practices
that drive spammers out of business.
Infosys The complete ASTA proposal can be found at each adopting
company's Web site:
Refurbished Laptops * http://antispam.yahoo.com
*
http://download.microsoft.com/download/2/3/7/23779c05-d409-46ce-b9d6-c24908789d8b/ASTA
Statement of Intent.pdf or http://www.microsoft.com/spam
* http://www.earthlink.net/spamblocker
* http://corp.aol.com/press/press_release062204.html
[ Comment, Edit or Article Submission ]
