AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Yandex mail dmarc4/14/2023 ![]() A trend analysis shows a (statistically significant) growing number of domains using SPF. In general, we find that higher-ranked domains use more authentication mechanisms, but sometimes configuration errors emerge, e.g., we found that .jp had an invalid SPF record. Among other findings, we confirm that Sender Policy Framework (SPF) still constitutes the most widely used method for email authentication in practice. In this paper, we analyze the three most common methods for originating DNS domain email authentication in a large-scale, longitudinal measurement study. ![]() To enable proper authentication, various extensions for SMTP were developed in the past years. ![]() Thus, if no additional authentication mechanisms protect a given domain, attackers can misuse the domain. Furthermore, trusted brands can be abused in email spam or phishing campaigns. Especially spear-phishing campaigns take advantage of the fact that it is easy to spoof the originating email address to appear more trustworthy. Back when SMTP was developed, security goals for the exchanged messages did not play a major role in the protocol design, resulting in many types of design limitations and vulnerabilities. Email is still one of the most common ways of communication in our digital world, the underlying Simple Mail Transport Protocol (SMTP) is crucial for our information society.
0 Comments
Read More
Leave a Reply. |