Sendmail Partners with Microsoft and Yahoo To Stop Spam

E-mail management company Sendmail is throwing its support to antispam efforts from both Microsoft (Nasdaq: MSFT) and Yahoo (Nasdaq: YHOO) as the major players seek to team up against junk e-mail and the increasing ease with which spammers fake their identities.

Spammers have remained ahead of both regulation and technology and have been able to continue sending a deluge of unwanted advertisements and bogus enticements largely by technically working around antispam efforts with underhanded tactics, such as forging Internet Protocol (IP) addresses.

Sendmail said it aims to reveal a spammer's true identity through deploying both a "caller ID for e-mail" program from Microsoft and an authentication solution from Yahoo.

Analysts agreed that Sendmail's influence over significant portions of the e-mail space bodes well for the company's attempt to push forward with these strategies, especially now that the company has partnered with Microsoft and Yahoo. "The key to ensuring that these types of technologies are successful is widespread adoption," said Sendmail chief technology officer Eric Allman.

"Coalitions are certainly important, and certainly, having two important vendors in Microsoft and Sendmail getting together is significant," industry analyst Joyce Graff told TechNewsWorld. "Sendmail is really in a position to propagate a change like that."

Postmaster Protocol

Graff said most of the postmaster or e-mail administration software for the Internet in use today comes from Sendmail, putting the company in a unique position to effect industry change.

The analyst referred to Sendmail's postmaster-server component, which was expected to take two years to saturate the market but ended up being pervasive within nine months.

"Getting folks to upgrade turned out to be not that difficult," Graff said, adding that the same kind of proliferation of technology change is required to stem the flow of spam.

Microsoft antispam technology group general manager Ryan Hamlin stressed the importance of working with other industry leaders to gain broad adoption, while Yahoo vice president of communications products Brad Garlinghouse said cooperation with Sendmail lays the foundation for future antispam advances.

Too Easy To Fake

Referring to the variety of ways in which spammers fake or spoof sending addresses, Graff said the IT industry is frustrated trying to track something that even the Federal Bureau of Investigation cannot track.

"We need this kind of thing -- some passive way of identifying them," Graff said of spammers using fake originating IP addresses or spoofed sender e-mail accounts. "Because right now, it's just too easy to fake it."

To disclose a sender's true identity more accurately, Microsoft has proposed a caller ID for e-mail whereby IP addresses of sending mail servers are matched with domain-name server listings to ensure the mail originated from the proper place -- otherwise it would be considered spam and blocked before being allowed to pass. Sendmail said it will develop software tools for the program as plug-ins for open-source and commercial software.

Sendmail also announced that next month it will begin testing Yahoo's DomainKeys -- a cryptographic authentication solution designed to leverage public-private key cryptography to generate more authentic e-mail header signatures.

After testing, Sendmail, Yahoo and other companies plan to develop an open-source package that will allow different e-mail systems to generate and validate DomainKeys' authentication information.

Approach Will Work

Basex chief analyst Jonathan Spira, whose research firm blamed spam for US$20 billion in lost productivity and other costs last year, said the concept of sender verification holds the key to reducing spam e-mail significantly.

"It makes mailers not only identifiable, but accountable," Spira told TechNewsWorld.

The analyst added that the collaborative efforts of such players as Sendmail, Microsoft and Yahoo probably will grow and also will be effective.

"I'm sure more companies will get into the act," Spira said. "Beyond this team, there will be many more such concepts floated, and the one that works will be a hybrid of all of these. And yes, this will work."