As we approach the end of my series on backscatter, there is still one more piece of technology that holds real promise to combating backscatter - Bounce Address Tag Validation, or BATV. That sounds a bit like a successor to HDTV... but it's not.
BATV is a more secure mechanism of my part 11 post in this series, Check to see if you sent the message in the first place. BATV allows you a much more secure mechanism of determining whether or not you sent the message. I'm not going to go into full technical details about how it works, rather, I will hit on the highlights.
Imagine if you could take a look at a message and determine whether or not you sent it. You can kind of do that by parsing through Received headers and verifying if they conform to your standard. But you don't have to do it that way. Remember that this is the structure of an email, more or less:
Rather than putting just the sender in the MAIL FROM, BATV says to sign (ie, add an encrypted key) to the MAIL FROM. The outgoing mail agent adds a signature to the bounce address:
The advantage here is that the (second) recipient mail server, the one receiving the NDRs and backscatter, does not need to rely on the original recipient mail server to do any verification of the sender. You can do it all on your end:
That's the basic idea behind BATV, it allows you to verify whether or not this subclass of messages, NDR bounces, originally came from you. In my next post, we'll delve down a bit more into what some of the implementation challenges are around this mechanism.
PingBack from http://wordnew.acne-reveiw.info/?p=10898
An obvious limitation of BATV is that it won't help receivers to reject a forged MAIL FROM firstname.lastname@example.org actually sent by a spammer. It helps me to reject most of the backscatter, the formats that can be identified as bounces and auto-responses.
But accepted spam claiming to be MAIL FROM email@example.com will still make it to mailboxes of unhappy users. The combination of BATV with an SPF FAIL policy for example.org could be ideal to combat forged MAIL FROM firstname.lastname@example.org.
Pure BATV without SPF FAIL protection offers no incentive for spammers to move on and forge other (unprotected) addresses.