Microsoft is proposing to merge its latest anti-spam measure with a domain authentication scheme, in order to counter the growing threat of spoofed email addresses from spammers and phishers.
The software giant wants to combine its Caller ID software with a domain authentication scheme devised by Meng Wong, co-founder of email forwarding and hosting company Pobox.com.
Wong, author of SPF, and Microsoft believe that merging the two applications will help detect spoofed email addresses used by spammers and phishers to disguise identities.
This could have a two-fold benefit. As the IP addresses of many spammers are picked up and become known to internet service providers, they can be blocked. Spammers frequently forge address headers to get past current protection.
It would also help combat the growing problem of phishing where criminals forge addresses of financial institutions and retailers in order to trick people into divulging financial and personal information.
Under the proposal, organisations will publish information about their outgoing email servers, such as IP addresses, using XML. The system will be compatible with domains that have already published information in the SPF TXT format.
The combined system would then confirm the sender's domain, and anti-spam filters could be created which could block all messages with 'from' addresses that do not match the actual sending domain.
The proposal, which will be presented to the Internet Engineering Task Force (IETF) standards body in June, has been welcomed by the organisation.
"We are pleased to see Microsoft and the SPF community working together on a unified specification," said Andrew Newton, co-chairman of the IETF working group that handles domain identification issues.
Another rival anti-spoofing specification, DomainKeys, promoted by Yahoo, was submitted to the IETF last week.
'Sunlit wet sidewalk' provides evidence of methane rainfall on the north pole of Saturn's moon Titan
Methane rainfall indicates the start of the summer season in Titan's northern hemisphere
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards