Sender's IP Verification
An email features four key players: the authors or originators of the email, the sender or agent who first puts the email on the public Internet, the receiver or agent who receives the email from the Internet, and the recipients who are the persons intended to read the email. For the sake of this discussion, the flow may be simplified as
Thanks to the Transmission Control Protocol and to IP address registries the sender's IP address is automatically verified by the receiver. However, there is no provision for the verification of the author and sender information that is eventually saved in the relevant headers. Thus, it is quite easy for a spammer to make an exact copy of an email from example.com, including a long complicated sequence of headers and a genuine logo in the body of an email, then change the content to send readers to a website that appears to be genuine, but is actually a phishing scam designed to capture names, passwords, and credit card numbers.
IP addresses within the headers thus cannot be used to identify the source of a forged email. In addition to forged headers being used to throw off identification attempts, it is not uncommon for the legitimate headers within the email to reference a system insulated from the forger; the sender may, for example, be a zombie that has been compromised by a Trojan horse. Service providers can block this type of email using IP address reputation technology. IP address reputation is a technology that monitors emails based on their source IP address. The technology tracks the email for spam activity and blocks messages from that sender once spam activity begins. Service providers use this technology to prevent zombies from sending spam. Amir Lev, from email security company Commtouch, described the technology as, "IP reputation pulls the mask off of anonymous spam and malware senders, exposing their identity as spammers at the outer edge of the enterprise, long before any of their viruses, worms and trojans can penetrate into the organization."
Read more about this topic: Email Authentication
Famous quotes containing the words sender and/or verification:
“Love that comes too late,
Like a remorseful pardon slowly carried,
To the great sender turns a sour offense,
Crying, “That’s good that’s gone.””
—William Shakespeare (1564–1616)
“Science is a system of statements based on direct experience, and controlled by experimental verification. Verification in science is not, however, of single statements but of the entire system or a sub-system of such statements.”
—Rudolf Carnap (1891–1970)