Industry Continues Drive Toward E-Mail Authentication

REDMOND, Wash. — May 11, 2005 — Business leaders, IT professionals and e-commerce executives will gather at the Marriott Marquis in New York City on July 12 to learn how e-mail authentication techniques, collaboratively developed and implemented by the online industry, are helping protect businesses and consumers from spam, phishing attacks and e-mail fraud.

E-mail Authentication Implementation Summit 2005 will highlight IP-based verification methods, such as the Sender ID Framework (SIDF) and Sender Policy Framework (SPF), and complementary signature-based approaches such as Yahoo! Inc.’s DomainKeys and Cisco Systems Inc.’s Identified Internet Mail. Esther Dyson, editor of Release 1.0 at CNET Networks Inc., will give the keynote address and moderate the daylong event, which will be hosted by a steering committee representing a broad cross-section of online industry leaders, including Bigfoot Interactive Inc., the Direct Marketing Association, the E-mail Service Provider Coalition, Microsoft Corp., Symantec Corp. and Sendmail Inc.

“Solving the problem of spam starts with being sure you know who’s sending the mail,” Dyson said. “Using SIDF will let spam filters move from guessing whether something is spam based on a variety of heuristics to knowing what domain it came from. This won’t guarantee an end to all spam, but it’s the beginning of reliable reputation systems for mail senders and broad accountability. One big obstacle to this desirable state of affairs is the corporate world’s lack of knowledge about sender authentication. Summits such as this one are vital to help get business leaders and IT professionals up to speed on how to implement these techniques and benefit from the significant advances the IT industry is making to help protect e-mail users.”

The summit will provide real-world data and best practices on how to implement e-mail authentication. Based on more than six months of deployments, the summit will provide hands-on recommendations on how to implement technologies including DomainKeys and SIDF, and how to publish SPF records in the Domain Name System, which has now been done by more than 1.5 million domains.

Despite industry progress, unwanted and deceptive e-mail attacks are growing, particularly fraudulent practices such as phishing and spoofing, which manipulate the content and look of known e-mail senders to trick recipients into divulging credit-card numbers and other personal information. IP-based e-mail authentication such as that provided by SIDF is a foundational, beneficial step that any e-mail sender, ISP or enterprise can take to help mitigate the risk of spam and phishing. SIDF verifies that the e-mail message actually comes from (or with the permission of) the domain name from which the e-mail claims to be sent, and is designed to prevent forged and spoofed e-mail messages, which are found in more than 95 percent of all phishing attacks. As a no-cost solution for e-mail senders and receivers, SIDF also offers the flexibility of validating the origin of an e-mail by verifying the IP address of the sender using the “MAIL FROM” check. With DomainKeys and Identified Internet Mail, a sender’s e-mail server attaches a digital signature to the message that the recipient’s domain uses to authenticate the message’s originating domain. These approaches complement IP-based solutions by offering the promise of broader applicability.

In addition to the steering committee, the program is being underwritten by more than two dozen industry leaders and organizations, including the Anti-Phishing Working Group, Barracuda Networks, CipherTrust Inc., Cisco, Cloudmark Inc., Digital Impact, DoubleClick Inc., GoDaddy.com, Goodmail Systems Inc., Habeas Inc., Harte-Hanks, Internet Identity, IronPort Systems Inc., MailFrontier Inc., The OpenGroup, Piper Software, Port25 Solutions Inc., Quris Inc., Release 1.0, Return Path Inc., StrongMail Systems Inc., TRUSTe, Tumbleweed and Yahoo! Inc.

Organizers expect more than 300 IT professionals, business leaders and e-commerce executives to attend the summit at the Marriott Marquis, 1535 Broadway, New York. More information and online registration can be found at http://www.emailauthentication.org/summit2005.

About The E-Mail Authentication Implementation Summit 2005

The E-mail Authentication Implementation Summit 2005 is the product of several industry-leading organizations coming together to implement self-regulatory standards to assist in furthering the exploration of solutions to stem the tides of spam and other e-mail related security threats. This event was conceptualized by thought leaders from organizations including Bigfoot Interactive, the Direct Marketing Association, the E-mail Service Provider Coalition, Microsoft, Symantec and Sendmail. For more information about e-mail authentication solutions, please visit http://www.emailauthentication.org.

About Microsoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Microsoft is a registered trademark of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft® Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.

Related Posts