IESG APPROVES PUBLICATION OF ANTI-SPAM MECHANISMS AS EXPERIMENTAL RFCs
Reston, VA - 29th June 2005 - The Internet Engineering Steering Group
(IESG) has approved two groups of documents as experimental RFCs for
proposed anti-spam mechanisms.
RFCs to be entitled 'Sender Policy Framework (SPF) for Authorizing Use
of Domains in E-Mail' and 'Sender ID: Authenticating E-Mail' describe
two different approaches to domain-based authorization for systems
sending mail.
The current document approvals are part of ongoing activities within
the Internet Engineering Task Force (IETF) to explore new technical
solutions that combat the problem of spam. Experimental RFCs are not
standards -- they are specifications that are published for the general
information of the Internet technical community.
While many proposals for domain-based authorization have been under
consideration, no consensus has yet been reached concerning a single
technical approach. The IESG does not endorse either of the two
mechanisms documented in the experimental RFCs - their publication is
intended to encourage further discussion and experimentation in order
to gain experience that can be used to write future standards in this
space.
While some solutions based on both mechanisms have already been
deployed, the IETF cautions that an experimental phase is essential
before moving towards standards because they affect such a significant
part of the Internet infrastructure. Given the importance of the
worldwide e-mail and DNS systems, it is critical that future standards
support their continued stability and smooth operation.
At the same time, the IETF continues to consider other ways in which
standards measures can be used to combat spam. Such measures will most
likely need to work alongside social and legal mechanisms. Examples of
other IETF anti-spam activities include:
* consideration of a proposal to use cryptographic signatures to
authenticate e-mail senders.
* consideration of a draft for a protocol that would enable operators
to communicate details of spam and phishing incidents in an automated
real-time manner. This protocol (draft-jevans-phishing-xml-00) allows
operators to have the information needed to take action against those
sending spam or mounting phishing attacks.
* publication of RFC 3865, which provides a mechanism that legitimate
commercial e-mailers can use to mark messages. This standard may
provide a tool for governments and service providers to use when
labeling e-mail. The IETF also published RFC 4096, which gives advice
to regulatory authorities considering using the subject line of
messages for mandatory labels.
NOTE TO EDITORS:
Texts of the related Internet Drafts are available here:
Sender Policy Framework (SPF):
http://www.ietf.org/internet-drafts/draft-schlitt-spf-classic-02.txt
Sender ID:
http://www.ietf.org/internet-drafts/draft-katz-submitter-01.txt
http://www.ietf.org/internet-drafts/draft-lyon-senderid-core-01.txt
http://www.ietf.org/internet-drafts/draft-lyon-senderid-pra-01.txt
Texts of the RFCs will be available here when published:
http://www.ietf.org/rfc.html
The IETF (http://www.ietf.org), which has provided leadership in the
development of Internet standards for nearly 20 years, is a large open
international community of network designers, operators, vendors, and
researchers concerned with the evolution of the Internet architecture
and the smooth operation of the Internet. It is open to any interested
individual. The technical work of the IETF is done in its working
groups within areas managed by Area Directors (ADs). The ADs are
members of the Internet Engineering Steering Group (IESG).
ABOUT ISOC
The Internet Society (http://www.isoc.org) is a not-for-profit
membership organization founded in 1991 to provide leadership in
Internet related standards, education, and policy. With offices in
Washington, DC, and Geneva, Switzerland, it is dedicated to ensuring
the open development, evolution and use of the Internet for the
benefit of people throughout the world. ISOC is the organizational
home of the Internet Engineering Task Force (IETF) and other
Internet-related bodies who together play a critical role in ensuring
that the Internet develops in a stable and open manner. For over 13
years ISOC has run international network training programs for
developing countries and these have played a vital role in setting up
the Internet connections and networks in virtually every country
connecting to the Internet during this time
FOR FURTHER DETAILS:
Peter Godwin
Communications Manager, Internet Society
E-mail: godwin@isoc.org
4, rue des Falaises
1205 Geneva
Switzerland