Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror

Submission Summary: 0 pending, 4 declined, 0 accepted (4 total, 0.00% accepted)

×
Spam

Submission + - Stopping Spam and Eliminating CAPTCHA

Submitted by
Michael G. Kaplan
Michael G. Kaplan writes: "Distinguishing between spam and legitimate email is difficult because it is frequently not possible to identify the computers from which an email originated. Email forwarding and the use of dynamic IP addresses can make it impossible to verify an originating mail server, while the personal computer that first sent the email is effectively never identified. A novel method offers a practical solution to this problem by authenticating nearly every email server and personal computer in the world. An introductory explanation of this method is the best place for non-experts in the field of email authentication to start. The core process of this method will also finally make it possible to do away with CAPTCHA."
Spam

Submission + - Authenticating mail servers and personal computers (spamfizzle.com)

Submitted by Michael G. Kaplan
Michael G. Kaplan writes: Spam emails often falsify their origin by listing spoofed servers in the email header since only the final server can typically be verified, and even the identity of this server is obscured if a dynamic IP address is used. A novel application of digital signatures will allow for the authentication of every mail server listed in an email header even if a dynamic IP is used. Near universal mail server authentication can be achieved without the participation of a single domain administrator and without the problems associated with the establishment of a public key distribution infrastructure that have plagued other digital signature schemes.

Spam is further enabled by the fact that the personal computer used to send an email is essentially never authenticated. A different digital signature process operating at the level of the email client will allow for near universal authentication of the personal computers used to send email; this method is designed to counter botnets and its implementation requires no participation on the part of the personal computer owner. A variation of this authentication process applied via web browsers will surpass the security of CAPTCHA and allow for their elimination.

Slashdot Top Deals

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (5) All right, who's the wiseguy who stuck this trigraph stuff in here?

Close