The Best Anti Email Spoofing websites



What is email spoofing? (email faking or forging)

"Email Spoofing" is the practice used by many spammers to falsify the header information in their email advertisements. By changing the header information someone can make the email appear to come from whoever they choose.

Hackers are now routinely stealing the email or Web site identities of many people on the Web, and using them to send millions of pieces of junk advertising or offending emails.

The average person on the Internet doesn't yet understand what's happening here, and many legitimate companies are obviously being victimized.

General Information about email spoofing

CERT Coordination Center - Spoofed/Forged Email  - www.cert.org/tech_tips/email_spoofing.html
This document provides a general overview of email spoofing and the problems that can result from it. It includes information that will help you respond to such activity.
SmallBusinessComputing.com - Spoofing: Identity Crisis  - www.smallbusinesscomputing.com/emarketing/article.php/1142751
Real-Life Spoofs / Making a Federal Case out of Spoof / Fighting Spoof
Wikipedia.com - E-mail spoofing  - en.wikipedia.org/wiki/E-mail_spoofing
Definition of email spoofing and the techniques used.

How to Combat email spoofing?

CERT Coordination Center - Spoofed/Forged Email  - www.cert.org/tech_tips/email_spoofing.html
This document provides a general overview of email spoofing and the problems that can result from it. It includes information that will help you respond to such activity.
E-mail Forgery - A victim's story  - www.robsworld.org/forgery.html
The story of a victim of email spoofing and what he did about it.

Reading and Interpreting email headers

Interpreting email headers  - www.valinet.com/%7Ecoreya/antispam/asheadi.html
Interpreting email headers with examples. Find the real spam senders.
StopSpam.org - Reading Email Headers  - www.stopspam.org/email/headers.html
All About Email Headers. This document is intended to provide a comprehensive introduction to the behavior of email headers. It is primarily intended to help victims of unsolicited email ("email spam") attempting to determine the real source of the (generally forged) email that plagues them; it should also help in attempts to understand any other forged email.
Figuring out fake email - Deciphering fake email or posting?  - www.mailsbroadcast.com/email.bolts&nuts/deciphering.fake.email.htm
The information provided here, describes how to find out where a fake post or email originated from, decipher which machine it came from and who (generally or specifically) you should contact.
UXN - Tracing Spam / Spam Complaints Assistant  - combat.uxn.com/tracing.html
A one page easy explanation of how to read the "Received:" lines in the email header to trace the spam and who to complain to. With integrated IP Address Lookup.

How to Prevent email spoofing?

DKIM.org - DomainKeys Identified Mail  - www.dkim.org
DKIM allows an organization to take responsibility for transmitting a message, in a way that can be verified by a recipient. The organization can be the author's, the originating sending site, an intermediary, or one of their agents. Their reputation is the basis for evaluating whether to trust the message for delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.
The Sender ID Framework (Microsoft)  - www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
The Sender ID Framework is an email authentication technology protocol that helps address the problem of spoofing and phishing by verifying the domain name from which email messages are sent. Sender ID validates the origin of email messages by verifying the IP address of the sender against the alleged owner of the sending domain.
OpenSPF.org - Sender Policy Framework  - www.openspf.org
The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren't. The SPF project is being driven by several teams of volunteers.