All the experts interviewed for this article agree: fixing e-mail hinges on positive identification of the sender. And there are practical solutions on the horizon to drastically reduce forgeries that characterize some of the worst e-mail abuses.
But first, some background. There is a hole in SMTP big enough to drive a truck through and that's what spammers routinely do when they forge sender addresses. Today, it's trivial to send a message that seems to come from email@example.com or firstname.lastname@example.org. Whether it's a phisher groping for access to a bank account or a cyberterrorist looking to compromise a PC, both the company whose identity is spoofed and the individual who is attacked suffer the damage.
Could cryptographic proof of identity help? Companies that run secure Web sites know how to acquire the server certificates that assert their identities and enable SSL connections. They could also use client certificates to sign e-mail messages and probably should. But individuals rarely have or use digital certificates, so e-mail culture has never evolved a security equivalent of the Web's ubiquitous SSL standard.
An Internet draft proposal from Hadmut Danisch, called RMX (Reverse Mail eXchange) offers an idea that is elegantly simple: in addition to publishing the MX (Mail Exchange) DNS records that identify inbound mail hosts, an organization also publishes reverse MX records that identify outbound hosts. A receiving server queries the DNS to find out if the sending host is so authorized. The name yahoo.com is easy to forge, but the IP addresses of Yahoo's outbound servers are not.
The devil's always in the details, of course. It's remarkably difficult to define exactly what "sender" means in today's complex e-mail environment. Three current proposals -- pobox.com's SPF (Sender Policy Framework), Microsoft's Caller ID for E-Mail, and Yahoo's DomainKeys -- take different approaches. SPF, like RMX, focuses on the "envelope sender". That's the MAIL FROM address asserted by the sending host during setup of an SMTP connection, not the From: header contained in the body of the message. In various legitimate cases including mailing lists, mobile messaging services, and forwarders, the domains of the two addresses can differ. A companion proposal called SRS (Sender Rewriting Scheme) describes how to modify headers in transit so that intermediaries aren't seen as forgers by SPF-aware hosts.
Though significantly complicated by SRS, the SPF approach is arguably a good first line of defence. It's admirably lightweight. If a message fails the envelope sender test, it can be rejected without receipt or inspection of its contents. But messages that pass this test can still easily forge the From: header in the message itself, and that's the address that mail clients display to users. So Caller ID digs into the message itself in search of a purported responsible address whose domain will be queried for authorization. When multiple identities are involved, as with forwarding, the Caller ID spec recommends that mail clients display the addresses of intermediaries as well as originators. But as with SPF, the authorization check applies only the party "most immediately responsible for the transmission of a message", not to the originator.
DomainKeys focuses squarely on the From: header that purports to identify the author of the message. The domain owner responsible for the address in that header stores a public key in a DNS record and issues the corresponding private key to its outbound mail servers so they can sign outgoing messages. A receiving host looks up the public key in the DNS and uses it to verify signatures on inbound messages.
Of the three schemes, Sendmail Inc CTO Eric Allman favours DomainKeys, because it's the only one that doesn't "break e-mail's fundamental store-and-forward model". A signed message that travels through a forwarder can still be verified by the receiver with respect to the originating sender's domain. Since intermediaries sometimes rearrange headers, however, the DomainKeys architects are currently having a lively debate about which headers to sign along with the message body.
One of those architects is the prolific open source developer Russell Nelson. He sees DomainKeys as a near-term fix with long-term growth potential. If corporate keys can be woven into the DNS fabric, it might be possible -- using a Domain-Keys feature called selectors -- to extend support for individual keys as well.
But first things first. We'll soon find out whether any of these schemes -- or some combination of them -- will prove workable. If you run an e-mail system, you can best prepare for the anti-forgery experiments about to unfold by ensuring that your home and mobile users can securely contact the hosts you'd like to authorize. Now's the time to stop procrastinating about the virtual private network, and/or enable secure connections to your outbound mail hosts.