crypto and public policy

Bad Solutions to the Spam & Phishing Problem

Filed under: General June 23, 2005 @ 11:36 am

Microsoft is sick of spam, and Bill Gates has declared that spam must end by 2006, so they’ve decided to unilaterally implement their Sender ID approach at Hotmail. What that means is that, if your domain hasn’t adopted Sender ID, Hotmail users will never receive email you send them.

Sender ID is a simple and simplistic solution to the spam problem: email from a domain should originate from mail servers that are approved senders of email for that domain. Yahoo, for example, is then responsible for declaring, in an SPF (Sender Policy Framework) record, exactly which servers are thus approved to send emails on behalf of Yahoo users. Sounds easy and great, right?

Not so much. This solution breaks the end-to-end nature of email. SMTP, the protocol that manages email, was designed not to care about how an email travels from Alice to Bob. A number of critical email features rely on this path-agnostic design. In fact, that’s how almost every successful Internet protocol functions: the network provides as little functionality as possible, while the ends provide the smarts. If you stuff too much functionality in the network, you inherently limit the way it can be used.

So what happens if one decides that emails must take a well-declared path? People who use one email client to manage multiple email addresses will hit significant trouble: they will likely send out emails via the “wrong” mail server, and never realize it until they find out their email was thrown away by a spam filter. Mail forwarding, like the kind provided by your university’s alumni services, just doesn’t work. Mailing lists become far more complicated, if not altogether impossible.
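The forwarding failure described above, as an added example that is not from the original post: a simplified path check covering only the `ip4`, `ip6` and `all` mechanisms of an SPF record. The domain `sender.example`, the addresses and the record are constructed, and a dictionary stands in for DNS TXT lookups.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups (documentation domains and address ranges).
SPF_RECORDS = {
    "sender.example": "v=spf1 ip4:192.0.2.0/24 -all",
}

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(connecting_ip, from_domain, records=SPF_RECORDS):
    """Evaluate the ip4/ip6/all subset of SPF for the server that connected to us."""
    record = records.get(from_domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"  # domain publishes no policy
    ip = ipaddress.ip_address(connecting_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mechanism = term.lstrip("+-~?")
        if mechanism == "all":
            return RESULTS[qualifier]
        name, _, value = mechanism.partition(":")
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier]
        # other mechanisms (a, mx, include, ...) need DNS and are skipped in this sketch
    return "neutral"  # no mechanism matched


def deliveries():
    """Three deliveries of mail claiming to be from alice@sender.example."""
    hops = {
        "direct from the approved server": "192.0.2.25",
        "relayed by an alumni forwarder": "198.51.100.7",
        "sent through another provider's SMTP server": "203.0.113.40",
    }
    return {label: check_spf(ip, "sender.example") for label, ip in hops.items()}


if __name__ == "__main__":
    for label, result in deliveries().items():
        print(f"{label}: {result}")
```

The message and its author are identical in all three deliveries; only the last hop differs, and that alone turns a pass into a fail.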

The point is, designing scalable, reliable Internet protocols is tricky. Sender ID is wrong in many ways. The right solution needs to adopt an end-to-end design approach. Cryptography is exactly the right tool for this kind of end-to-end approach. Of course, I’m biased: my research team and I have designed a crypto-based solution to phishing and spam. I’ll describe it over the next few weeks, and hopefully convince you that it’s better in many ways than the currently proposed solutions.
