My last post, ?Anybody can use your email identity to send mails? left you (& me) with lot of un-answered questions in mind. Let?s understand how email delivery system works & how it could be manipulated & mis-used.
Simple Mail Transfer Protocol (SMTP) is the technology used worldwide to deliver emails in Internet. Whenever you compose a mail & send, it goes to SMTP server of your email provider (say for gmail it?s smtp.gmail.com). SMTP server then checks for recepient?s email Ids & delivers it to appropriate mail servers. SMTP server could be manipulated to send spams with deifferent email Ids or identity. This is a known issue from years. Whoever has good workarround of SMTP server, can easily manipulate it for spamming. But all these are bit advanced stuff & dummies can?t make use of it so easily.
The software I downloaded has inbuilt SMTP relay. Which means you need not to configure anything & no any technical stuff. Anyone who knows composing a mail can mis-use it. You will need to just enter ?From? field while sending mail. If you send mails manipulating SMTP server, still server name gets displayed in email headers. For ex: If I send mails using SMTP server provided my hosting provider (am hosted on bluehost.com), email header will contain something like ?mailed-by: box22.bluehost.com?. But when you send mails using this software, there will be no info about SMTP server in email headers! So there is no piece of evidence to find out from where that mail came from.
This is just an example; spammers use more hundred ways to manipulate SMTP servers. They use bulk email senders, automated scripts?etc. Finding a solution to this problem is a huge task. SMTP cannot be replaced by other standard or system, because it is extensively used worldwide. Millions of SMTP servers are running worldwide. Even making huge modification to SMTP cannot be done.
But since there is no other way, we have to keep our hope alive. Anti Spam Research Group (ASRG) of Internet Research Task Force (IRTF) is working on tools & technique to fight spamming. Here is what its home page says:
The Anti-Spam Research Group (ASRG) investigates tools and techniques to mitigate the effects of spam. The focus of the ASRG is on technology solutions, although it may consider tools and techniques to aid the implementation of legal and other non-technical anti-spam measures. It also provides input for standardization efforts within the IETF