Yahoo! Mail Has Two Totems, Leonardo in Inception Had Just One
Remember how in the movie Inception, Leonardo DiCaprio’s character Dom Cobb had a totem, a spinning top that would tell him if he’s in the real world or not? Well, Yahoo!’s Carlo Catajan (Product Manager, Anti-Abuse, Yahoo Mail!) said Yahoo! email service has two totems – just that these totems tell Yahoo! Mail when spam messages are spam, not legitimate emails.
“Spammers have gotten very good at crafting legitimate-looking messages that appear to be the real thing, but are as fake as the Rolexes they peddle,” said Carlo Catajan. “They’ll spoof just about anyone or any brand to lure you into opening and clicking on their emails. With that said, wouldn’t it be great if we had a totem that could tell us whether a message is authentic or forged? Thankfully, we do have such a totem, sort of. Two of them, in fact.”
As Carlo Catajan explained, Yahoo! Mail has the following two totems:
DomainKeys Identified Mail (DKIM for short) – identifies authentic messages by using digital signatures. These digital signatures in the emails are like fingerprints; they identify the message as valid message from a domain.
Sender Policy Framework (SPF for short) – this is a method of identifying authorized sources of messages for a domain. Catajan provided this analogy: if you know all the phone numbers your bank uses, when you get a call from an unknown number, you are immediately weary when the person on the other end of the line claims to be from your bank.
“We’ve been utilizing both DKIM authentication and SPF validation on all messages sent to our users,” added Catajan. “These two technologies give us the ability to verify if an email came from a valid source for a particular domain—that is if the email sender utilizes these technologies as well. As we continue to enhance our implementation of these anti-spoofing techniques, and through our collaboration with partners who specialize in these technologies, we are helping to broaden the adoption of email authentication across financial institutions, social networks, shopping sites, and others. Our ultimate goal is to reject messages that are spoofing legitimate brands and trusted domains so you don’t even get to see them in your mailbox.”
In related news, back in May 2010 we were reporting that according to a Fraunhofer Institute study, Yahoo! Mail fights spam harder, smarter and better than the competition. The Fraunhofer Institute found that Yahoo! Mail users saw 40% less spam than Hotmail users and 55% less spam than Gmail users during its research.
In further related news, the new Yahoo! Mail Beta (released by the end of October 2010) uses Hadoop technology to offer even better protection against spam.
“Spammers have gotten very good at crafting legitimate-looking messages that appear to be the real thing, but are as fake as the Rolexes they peddle,” said Carlo Catajan. “They’ll spoof just about anyone or any brand to lure you into opening and clicking on their emails. With that said, wouldn’t it be great if we had a totem that could tell us whether a message is authentic or forged? Thankfully, we do have such a totem, sort of. Two of them, in fact.”
As Carlo Catajan explained, Yahoo! Mail has the following two totems:
DomainKeys Identified Mail (DKIM for short) – identifies authentic messages by using digital signatures. These digital signatures in the emails are like fingerprints; they identify the message as valid message from a domain.
Sender Policy Framework (SPF for short) – this is a method of identifying authorized sources of messages for a domain. Catajan provided this analogy: if you know all the phone numbers your bank uses, when you get a call from an unknown number, you are immediately weary when the person on the other end of the line claims to be from your bank.
“We’ve been utilizing both DKIM authentication and SPF validation on all messages sent to our users,” added Catajan. “These two technologies give us the ability to verify if an email came from a valid source for a particular domain—that is if the email sender utilizes these technologies as well. As we continue to enhance our implementation of these anti-spoofing techniques, and through our collaboration with partners who specialize in these technologies, we are helping to broaden the adoption of email authentication across financial institutions, social networks, shopping sites, and others. Our ultimate goal is to reject messages that are spoofing legitimate brands and trusted domains so you don’t even get to see them in your mailbox.”
In related news, back in May 2010 we were reporting that according to a Fraunhofer Institute study, Yahoo! Mail fights spam harder, smarter and better than the competition. The Fraunhofer Institute found that Yahoo! Mail users saw 40% less spam than Hotmail users and 55% less spam than Gmail users during its research.
In further related news, the new Yahoo! Mail Beta (released by the end of October 2010) uses Hadoop technology to offer even better protection against spam.
