A fifth of email spam now features the domain name of the recipient, according to a new study.
Research by Network Box claimed that this allows spammers to make the spam look genuine, and it is advising all companies not to whitelist their own domain names.
The company claimed that it started to see a wave of spam in December 2008 that mimicked the recipient's email address, or posed as an email from a colleague. These emails included what looked like links to instant messaging services, and an invitation to chat.
Simon Heron, internet security analyst at Network Box, said: “Until late 2008, this was a relatively small problem. But a mimic rate of 20 per cent, that we're seeing now, is very high. We advise companies who use whitelisting to take their own domain names off the list and consider other ways of avoiding false positives.”
Network Box said that one of the solutions to this problem is to use Sender Policy Framework, which uses a field in the DNS record to define all the IP addresses that an email from a legitimate sender will come from.
See original article on scmagazineus.com