COMUNICACIÓN

CONTACTO

  • México: 01 (55) 5256.4517
    Monterrey: 01 (81) 8347.0027
    Austin: 1 512 234.3474
  • México, D.F.
    Tamaulipas No. 150
    Despacho 501 5°piso Torre A
    Col. Hipódormo Condesa.
    C.P.06100
  • Monterrey, N.L.
    Calle IV No. 1214
    Fracc. San Jerónimo
    C.P. 64640
  • Austin, TX
    3925 W Braker Lane,
    Suite 3.8096
    Austin, TX 78759

Google, Microsoft Say DMARC Spec Stops Phishing


Autor: Thomas Claburn
Fuente: InformationWeek.com
Fecha Publicación: January 30, 2012
Páginas: 2 de 2


In addition to AOL, Google, Microsoft, and Yahoo, other organizations participating in the DMARC group include financial companies Bank of America, Fidelity Investments, and PayPal; social media companies American Greetings, Facebook, and LinkedIn; and email security companies Agari, Cloudmark, eCert, Return Path, and Trusted Domain Project.

To fight phishing, various forms of email authentication are available, such as SPF, DKIM, and Sender ID. But there's no common standard. As a result, companies that authenticate their email have to coordinate with email providers to make sure that everyone is on the same page when it comes to which messages should be discarded for lack of authentication. PayPal began doing this with email providers in 2007, but approaching each email provider individually isn't ideal. DMARC isn't intended to replace existing specifications, but rather to tie them together.

"We view this as adding significant value to SPF and DKIM," said Microsoft engineer Paul Midgen.

The DMARC framework offers a way to formalize and automate message authentication processes and reporting so that security scales.

"What DMARC now allows is for any domain owner to have control over unauthenticated messages in the Gmail inbox," said Dawes. And the same holds true for inboxes operated by other email providers.

Agari, an email security provider, implemented DMARC last year and subsequently partnered with AOL, Google, Microsoft, and Yahoo. The company's Email Trust Fabric adds value to DMARC by turning raw DMARC data into actionable reports, to help companies understand their email infrastructure and message deliverability. Agari claims it has rejected approximately 4 billion threat messages since the technology was initially deployed in January 2011.

"For me, Monday is going to be one of the most auspicious days in the history of Internet security," said Agari founder and CEO Patrick Peterson in a phone interview in advance of DMARC's launch. "People will be able to send a message and recipients will be able to know where it came from."
ACCESOS RÁPIDOS
BI EN LA PRÁCTICA
SIS KLE
DESCARGABLES
Este sitio esta optimizado para monitores con resolución de 1024 x 768 y Explorer 6.0 Última Actualización: 30 Enero 2012 Derechos Reservados 2012 SIS KLE Sitio desarrollado bajo metodología IDD