Yahoo, Microsoft, EarthLink, America Online, British Telecom and Comcast announced a proposal of best practices for filtering and sending email. Among the recommendations are technical methods for authenticating email senders by Internet Protocol address or with digital content signatures. That way, ISPs and email providers could help prevent email fraud, one of the chief frustrations for anti-spam fighters.
In addition, the group advocated that ISPs detect and shut off Internet traffic from "zombie" machines, hijacked consumer PCs on their networks used to send millions of unwanted email messages every day.
"Our aim with this proposal is to help lay out a clear framework for the industry as we continue to work together to end the spam business and put our customers back in control of their inboxes once again," Ryan Hamlin, general manager of Microsoft's Anti-Spam Technology and Strategy Group, said in a statement.
The effort is the latest from the Anti-Spam Technical Alliance, or ASTA, a group formed in April 2003 by the four major ISPs -- Yahoo, Microsoft, EarthLink and AOL. Since its founding, the coalition has not publicly announced many joint projects, but individually, the parties have laboured over technical and legal efforts to thwart spammers.
On the technical front, each company in the last year has publicly backed a different system for authenticating email and quashing mail forgeries, or domain spoofing. Yahoo has backed a system known as DomainKeys for verifying the identity of an email sender with digital signatures, or two-key encryption. AOL has been testing a DNS-based system, formerly known as Sender Permitted From and recently renamed Sender Policy Framework, or SPF. Microsoft, too, has developed its own system for identifying the origin of email, called Caller ID for Email. It recently proposed a merger of Caller ID with SPF.
On Thursday, the coalition endorsed the underlying technical methods of each system, without specifying a standard. The group is examining both DNS-based and encryption-based systems and believes that the two standards are complementary.
ASTA's proposal also said that ISPs should implement rate limits on outbound email traffic, control automated registration of accounts and close all open relays, which are a big source for email. They also urged ISPs to block or limit email on Port 25, the main thoroughfare for email communications. For consumers, they recommended that all PC users install virus protection and security systems.
Earlier this year, ASTA launched its first joint legal assault against spammers. The suits claim that hundreds of unnamed defendants sent messages using false email addresses -- a violation of the newly enacted federal Can-Spam Act.
Talkback
There is an Extremely easy way to get rid of a good 50% of the crap out in the wild Internet almost instantly CAN ALL M$ Corp products the instant lack of virui worms spam mail ect ect ect etc would be so amazing it´s untrue
Dont believe me just watch the traffic on any given port on the I/Net see how much unescery (SP) is generated by M$ Corp products and as an aside to this THE VERY WORST THING THAT HAPPENED IN THE LAST FEW YEARS IS THE COALITION BETWEEN BT YAHOO AND M$ Corp.. Absolute total disaster i know i am on the recieving end of it bieng an subscriber to BT as my ISP ..
believe it the amount of crap i get is untrue up to 500 spams a day ..