Minimizing the Spam Problem

Spam is crippling email. So far no mechanism has been shown to have a long-term, large-scale effect on reducing global spam. Some spam control techniques rely on an assessment of the sender's reputation. When a mail sender adheres to a set of best practices, and is accountable for their use, it is possible to treat email originating from them with less suspicion. This translates into significant antispam resource savings for the mail receiver.

VBR (Vouch By Reference)

Alt-N Technologies, through its participation in the Domain Assurance Council (DAC) is working to create an extension to Internet mail called "Vouch By Reference" (or "VBR" for short). VBR provides a mechanism through which certification providers may vouch for the email messages sent by others. VBR is based on the idea of adding an additional header to the outgoing mail and providing a very simple way to check whether certification providers vouch for a particular sender. VBR does not require the certification provider to sign (or even know about) any mail that is sent.

MDaemon includes the world's first commercial implementation of VBR and handles all the details for you. All you have to do is configure your MDaemon with one or more certification providers you trust to vouch for incoming mail, and one or more certification providers which are willing to vouch for your outgoing mail. Ultimately, it is our goal to have all the major reputation service providers create certification servers for your use. They will certify only those who meet their criteria for "good email practices". Until that day arrives, Alt-N Technologies will step into the role and provide certification services for the MDaemon community.

Certify Your Domain's Messages

To submit a request for Alt-N Technologies to certify your domain's messages visit:
http://www.altn.com/Email-Certification/SignUp/

MDaemon Certification Configuration

To configure your MDaemon to use Alt-N Technologies as a certification provider use the MDaemon GUI, thus:

  1. Go to Security | Security Settings (or press Ctrl+S).
  2. Click on VBR Certification in the left-hand navigation menu. (Currently, it says to click on a tab, but tabs went away in MD 10).
  3. Check the box "Enable certification of inbound messages." (The article says "incoming", but MDaemon says "Inbound".)
  4. Enter 'vbr.emailcertification.org' for Host name(s) of certification services that I trust.
  5. Check the box "Insert certification data into outbound messages."
  6. Click "Configure a domain for message certification" and enter the domain and certification provider for each domain you'd like MDaemon to insert the header for. Make sure that each domain has been signed up at the URL listed under "Host name(s) of certification services that I trust." If you signed up at Alt-N the provider will be vbr.emailcertification.org.
  7. Click "Ok."
  8. Click "Apply" and "Ok" on the Security Settings screen.

For more information, see the following KB article:
http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=KBA-02222

Note:

  • Certification of incoming messages is only possible when an authenticated identity can be obtained from the incoming message. This is possible using DomainKeys Identified Mail (DKIM) or Sender Policy Framework (SPF). Therefore, one or more of these authentication features must be enabled.
  • Similarly, certification of your messages by others requires the authentication of your identity so we recommend enabling DKIM signing of your outbound mail.

Additional Resources

  • For more information on Email Authentication, please check out recent White Papers from the Messaging Anti-Abuse Working Group (MAAWG).
  • For more information on DKIM visit: http://www.dkim.org.