Hi guys, I wrote a 'critical review' of SPF, DKIM and Sender-ID Framework (SIDF); it's in the process of publication at Computers & Security, you can see it at
http://dx.doi.org/10.1016/j.cose.2009.05.002 (pending editing, final changes etc.). Nothing much new, just an attempt to provide a fair-yet-critical survey, hopefully to help clarify this important subject. Comments will be most welcome. Abstract below.
Amir Herzberg
Title: DNS-based Email Sender Authentication Mechanisms: a Critical Review
Abstract
We describe and compare three predominant email sender authentication mechanisms based on DNS: SPF, DKIM and Sender-ID Framework (SIDF). These mechanisms are designed mainly to assist in filtering of undesirable email messages, in particular spam and phishing emails. We clarify the limitations of these mechanisms, identify risks, and make recommendations. In particular, we discuss potential abuse of these mechanisms to facilitate DNS poisoning, and suggest countermeasures.
--
Amir Herzberg
Associate Professor, Dept. of Computer Science
Bar Ilan University
http://AmirHerzberg.com