At last, someone is doing something about spam. Part of the problem behind spam is that email allows sleazier folk to fake where the email is coming from (the ‘From’ part of the email’s address fields, or header.) But if email didn’t allow that, and authenticated a sender before passing it on to the recipient, you might kill off spam in a second.
The problem has been implementing something like this. How do you get everyone to agree on the new system? Yahoo, Reuters reports, reckons it has the answer: architecture where sending an e-mail message would embed a secure, private key in a message header. The receiving system would check that against the sending domain’s public key. If the public key is able to decrypt the private key embedded in the message, then the e-mail is considered authentic and can be delivered. If not, then the message is assumed not to be an authentic one from the sender and is blocked.
Yahoo says it can make the system work even if only a few major email providers adopt it. Given Yahoo’s size in the email world that may not be so hard. Yahoo is making the technology available for free, so that while it may cost money to implement, it doesn’t leave any one player with a proprietary technology dominating the industry. (I guess spam costs Yahoo so much money it has figured it’s cheaper to give away a new system if it gets rid of spam.)
It’ll be interesting to see how far this goes before another big player, say Microsoft, tries to stomp on it.