Note: The Internet Patrol is completely free, and reader-supported. If something that you find here helps you, please consider supporting us. We also earn a small amount from ads and Amazon links:
A survey of nearly 2million pieces of email by security company CipherTrust revealed some interesting facts:
1. Only 5% of the email came from servers which had enabled either SPF or Sender I.D. authentication.
2. Of the email coming from servers with SPF or Sender I.D. enabled, more than half was spam.
Spammers are early-adopters. Who knew?
Well, only anybody who has ever observed how quickly spammers latch on to any new technology designed to ease delivery of email. It’s no secret.
CipherTrust then went on to say that this demonstrates that sender authentication such as SPF will do nothing to stop spam.
It was never intended to stop spam. Nobody ever said that it would stop spam.
The purpose of SPF and Sender I.D., and Domain Keys, and on and on, is to be able to demonstrate that the domain from which the email is purportedly being sent is not being spoofed. That it’s really who it says it is. SPF et al say nothing about what sort of email it is. Never has, never will.
And, we would suggest that the fact that it’s showing up in spam means, in fact, that it’s working. How handy to be able to track a spam back to its true IP address and domain of origin!