Google, Yahoo!, Facebook and Microsoft Start Battle Against Email Spam

One of the biggest problems that the Internet has faced for years, and is facing still, is spam. It is estimated that more than 90% of the total Internet traffic is email spam. The figure has come down considerably, after Microsoft hunted for and took down a number of botnets. Nonetheless, the volume of spam is still high enough, that it is a matter of concern.

Spam is so popular and widespread, there are businesses based on spam, which thrive on the naiveness of the casual Internet surfer. Most of these spammers gather personal data or credentials, using phishing attacks.

This time, all tech giants, namely Google, Microsoft, Yahoo!, PayPal, Facebook and LinkedIn are going after spammers. They have decided to verify if the email sender is indeed the actual sender. Ars Technica writes on this, claiming that SMTP is too old to, and the concept of emails has become complicated since its birth.

Although methods like SPF and DKIM  have been used in email phishing protection already, they have their limitations. Instead, these tech giants are working on a new protection scheme called DMARC.

As with SPF and DKIM, DMARC depends on storing extra information about the sender in DNS. This information tells receiving mail servers how to handle messages that fail the SPF or DKIM tests, and how critical the two tests are. The sender can tell recipient servers to reject messages that fail SPF and DKIM outright, to quarantine them somehow (for example, putting them into a spam folder), or to accept the mail normally and send a report of the failure back to the sender.

As DMARC stores extra information about the sender, it has to record all the senders, to function effectively. This makes a global rollout compulsory for DMARC to be effective in fighting spam. In the next few months, we will see how the Internet community receives DMARC and whether it is effective against spam.

Published by

Chinmoy Kanjilal

Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. You can connect with him on Twitter @ckandroid.

  • Indeed it is a major problem and sometimes an out of control situation. I use hotmail as my main email account and I had my account hacked number of time over the last few years. One major problem I had was someone hijacked my account to send spam emails to thousands of users across the globe. I was geeting mail delivery notification every hours until microsoft asked me to reset my password. It was going on for months and I was very frustated.

    I also had my paypal account hacked through hotmail as well on number of occasions. It is a scary situation when these things happen and anyone with personal information on their email is in big trouble.

    Thanks for sharing this post.