dcsimg
RealTime IT News

Report: E-Mail Authentication on The Rise

Recent studies confirm that e-mail authenticated by either the Microsoft-backed Sender ID Framework (SIDF) or the Yahoo-backed DomainKeys Identified Mail (DKIM) efforts have risen dramatically in the past year.

The growth comes as large e-mail providers and ISPs adopt e-mail authentication technology in an effort to help thwart spam and phishing attacks.

Though they differ in terms of technology and implementation, both SIDF and DKIM aim to authenticate e-mail by providing some form of verification for the domain from which a particular e-mail was sent.

The general idea is that phishers will typically attempt to spoof a domain in order to trick users into thinking it is legitimate. By providing authentication for an e-mail against a verified domain, there is some form of verification that helps to verify the identity of the sender.

A new study from IronPort Systems reports that 35 percent of all Internet e-mail is authenticated with SIDF, while 9 percent is authenticated with DKIM. In terms of enterprise adoption, 45 percent of all Fortune 100 firms use DKIM while 75 percent use SIDF.

Patrick Peterson, IronPort CTO, told internetnews.com that the majority of DKIM signers also publish SIDF records.

He noted that the overlap is probably about two out of every three which would yield a 38 percent to 40 percent number for the total of all e-mail authenticated by either method.

Over the last 12 months, overall adoption of e-mail authentication has increased by 60 percent. IronPort forecasts that adoption will grow by another 50 percent over the next 12 months.

IronPort's study is based on an analysis of traffic from its SenderBase traffic monitoring network, which it claims monitors over 25 percent of global Internet traffic.

Based on DNS record analysis by MarkMonitor and VeriSign, Microsoft claimed that .com and .net domains with Sender Policy Framework (SPF) records jumped to nearly 2.2 million last month, up from only 750,000 in March 2005.

On SIDF-authenticated domains alone, approximately 2 billion e-mail messages are sent worldwide every day.

Microsoft's Hotmail service is among the domains that use SIDF. There, too, it is seeing an increase in Sender ID-compliant mail, with up to 32 percent of mail in March being compliant.

Microsoft is responsible for a portion of that compliance via its MSN Postmaster Services, which provide resources about how to properly craft compliant mail.

Adoption of e-mail authentication by ISPs and webmail providers is one of the leading drivers of adoption. A new study from the E-mail Sender and Provider Coalition (ESPC) reports that 18 of the largest ISPs in the U.S. support at least one of the e-mail authentication methods.

"Legitimate e-mail marketers and ESPs have been quick to respond by adopting authentication over the last year to ensure their mail makes it to inboxes of leading ISPs," said Trevor Hughes, executive director of the ESPC, in a statement.

"We're happy to see receivers take a stand by adopting authentication as the industry takes a step closer to becoming a unified force for authentication, accreditation and reputation -- the combination of which is the only way to stop spam and fraudulent e-mail."