Selected MARID-Related Terms and Acronyms

Compiled by Weldon Whipple <weldon@whipple.org>.

2821 Verification

Verification of e-mail sender based on envelope information in the SMTP conversation. (RFC 2821 describes the Simple Mail Transfer Protocol [SMTP]; the addresses specified with the SMTP commands MAIL FROM and RCPT TO are the envelope sender and recipient respectively.) This sender verification method is favored by the original SPF, and by RMX and LMAP.

2822 Verification

Verification of e-mail sender based on e-mail header information. (RFC 2822 describes the format of e-mail messages; the text of e-mail messages begins with headers.) This sender verification method is favored by Microsoft's Caller-ID.

ABBS

Anti-Bogus Bounce System (Qmail)

ASRG

Anti-Spam Research Group. The ASRG is an Internet Research Task Force (IRTF)

ASTA

The Anti-Spam Technical Alliance. Participants include Yahoo! Microsoft, EarthLink and America Online.

BATV

Bounce Address Tag Validation. Dave Crocker's proposal to add signature information to the "RFC2821.MailFrom address local-part."

BGP

Border Gateway Protocol. "BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers."

Black-hat Hacker

Someone who hacks with malicious intent.

Black-hat MTA

  

Blacklist

A list of domains, hosts, IP addresses and/or e-mail addresses from which e-mail is blocked.

Caller-ID

Microsoft's proposal for sender verification. See SenderID.

CBV

CallBack Verification. "The receiving mail server connects back to the mail server of the sender of an email to verify their address exists, before accepting the email from them." --Chris Drake

Challenge/Response

Before accepting mail from a sender for the first time, challenge the sender by sending an e-mail and requiring the she respond. Until a response is received, e-mail from that sender is rejected.

CID

Caller-ID.

C/R

Challenge/Response

CSV

Certified Server Validation (formerly Client SMTP Validation, in which an SMTP server using CSV validates the client by checking the client's IP address, the domain name supplied with the SMTP HELO/EHLO, a DNS SRV record, etc.).

DDoS

Distributed Denial of Service (attack)

Designated Sender

A generic term used to describe systems like SPF, DMP and Caller-ID, where the domain owner designates who can send email using their domain name. --Wayne

DK

See DomainKeys.

DKIM

See DomainKeys Identified Mail.

DMP

Designated Mailers Protocol. "A proposal for identifying computer systems authorized to act as Simple Mail Transfer Protocol (SMTP) clients for an e-mail domain."

DNA

Domain Name Accreditation.

DNS

Domain Name Service

DNSBL

DNS Blacklist; DNS Blocklist. Blacklists that are implemented using the Domain Name System.

DomainKeys

A mechanism that lets email providers verify the domain of each e-mail sender, as well as the integrity of the messages sent (i.e., that they were not altered during transit), through the use of public/private keys. See http://antispam.yahoo.com/domainkeys.

DOR

Domain of Responsibility

DoS

Denial of Service (attack)

DRIP

Designated Relays Inquiry Protocol

DSN

Delivery Status Notification

DSPAM

"Refers to an anti-spam program, not 'distributed spamming.'"

DSS

Designated Sender Scheme. Examples: RMX, DMP, SPF, and CallerID.

EHLO

Extended HELO. The command given by the initiator of an ESMTP conversation at the beginning of the conversation. See also HELO.

EHLO Domain Name

The domain (host) name given as the argument to the EHLO command at the beginning of an SMTP conversation.

ESMTP

Extended Simple Mail Transfer Protocol

FSV

?

Greylisting

A scheme that requires incoming e-mail to "knock twice." Typically, as incoming e-mail arrives, the server checks to see if the sender has successfully sent mail to the recipient in the recent past. If so, the mail is accepted. If not, the server returns a temporary failure and records the delivery attempt. If the sender retries the delivery later, the server accepts the mail and records the successful delivery.

HELO

The command given to initiate an SMTP conversation. See also the more recent EHLO.

HNA

Host Name Authentication

IETF

Internet Engineering Task Force

IRTF

Internet Research Task Force

Joe Job

Used to describe what happens when a spammer chooses the e-mail address of an unsuspecting user on the Internet as the (spoofed) sender of an e-mail to a list of non-existent recipients. Then the receiving mail servers detect that the recipient user doesn't have a mailbox there, they all send bounce messages to the e-mail address of the spoofed sender. The spoofed sender has been "Joe Jobbed."

LMAP

Lightweight MTA Authentication Protocol

MARID

MTA Authorization Records in DNS. SPF is arguably the most significant example of MARID. The IETF MARID working group was announced on April 8, 2004.

MDA

Mail Delivery Agent. Procmail and mail.local are examples of local MDAs. (Note: Some MTAs also include the MDA functionality to deliver email to the final mail box.).

MIME

Multipart Internet Mail Extensions

MSA

Mail Submission Agent. A program (possibly an MTA) that accepts e-mail from an MUA.

MTA

Mail Transfer Agent. Sendmail, Procmail, Qmail and Exim are examples of MTAs.

MTAMark

Marking Mail Transfer Agents in Reverse DNS with TXT RRs. "Marking of hosts in reverse DNS (in-addr.arpa zone) to allow the receiving mail transfer agents to decide whether the connecting (sending) host is a designated mail transfer agent (MTA) or not."

MUA

Mail User Agent. A program that displays received messages and composes and sends new messages. Outlook Express, Pine and Mutt are examples of MUAs

MX

Mail Exchanger, Mail Exchange. Also a type of DNS Resource Record (RR) that identifies the host(s) that receive e-mail for a domain.

NXDOMAIN

Non-Existent Domain. "This means the domain could exist but doesn't (yet). It could be registered already, but it doesn't exist. Likely it isn't even registered. So how could it then exist?" --Source: http://www.nxdomain.net home page.

OMTA

Originating MTA (Mail Transfer Agent). The MTA that sends an e-mail message.

Phishing

Internet scam where official-looking e-mail uses imbedded links or other means to trick consumers into divulging account numbers, Social Security numbers, user names and passwords, and other private or sensitive data.

PRA

Purported Responsible Address. The Internet address from which an e-mail message purports to originate, extracted from e-mail headers. [Note: This is 2822 Verification.] The address specified in the "From:" header, unless a "Sender:" header is present. A "Resent-From:" overrides both Sender: and From:. See http://www.openspf.org/unified/7-pra.txt

PRD

Purported Responsible Domain. The domain portion of the e-mail address from which an e-mail message purports to originate.

RAND License

Reasonable And Non-Discriminatory license

Responsible Submitter

Proposed SMTP service extension that adds a SUBMITTER parameter to the SMTP EHLO and MAIL commands.

RFROM

See (the more recent) SUBMITTER.

RMTA

Recipient/Receiving MTA (Mail Transfer Agent). The MTA that receives an e-mail message.

RMX

Reverse MX. A proposed DNS resource record (RR) that enumerates hosts/addresses from which e-mail purportedly from a domain can originate.

RR

Resource Record (in DNS)

SenderID

New name (June 2004) for Caller-ID. Some sources (incorrectly?) state that SenderID is the name for the combined Caller-ID/SPF.

SES

Signed Envelope Sender

SIP

Session Initiation Protocol. Proposal to combat unsolicited "multimedia communications between users, including voice, video, instant messaging and presence."

S/MIME

Secure MIME.

SMTP

Simple Mail Transfer Protocol. Documented in RFC 2821.

SPF

Sender Policy Framework. (Formerly: Sender Permitted From) (See http://www.openspf.org, also Sender Policy Framework (SPF) for Authorizing Use of Domains in E-MAIL, version 1 (draft-schlitt-spf-classic-01).) In 2004, Microsoft attempted to merge SPF with its SenderID. Microsoft's efforts to patent the combined methodology as its own work (and require users of the technology to obtain licenses from Microsoft) caused dissatisfaction among most of the original SPF proponents, and the effort has apparently failed. Development of "Classic SPF" continues without Microsoft or SenderID.

spoofing

Falsifying the identity of the sender of an e-mail message.

SRS

Sender Rewriting Scheme

SRV

An experimental DNS Resource Record (RR) introduced in RFC 2052 as a general mechanism for locating services.

SS

Selective Sender. A proposal similar to MTAmark. John Levine created this along with FSV.

SSP

Sender Signing Policy. The strategy or procedure an e-mail sender has established for attaching DomainKeys signatures to outgoing mail. When an e-mail recipient that verifies DKIM signatures receives mail without a signature, it must determine that policy--"whether messages from a particular sender are expected to be signed, and what signatures are acceptable."

SUBMITTER

A proposed extension to the SMTP EHLO and MAIL commands described by the Responsible Submitter SMTP service extension proposal. It is used when e-mail is sent through a forwarding address.

Example SMTP MAIL command using SUBMITTER:

MAIL FROM:<mengwong@pobox.com> SIZE=1000 SUBMITTER=<mengwong@dumbo.pobox.com>

The SUBMITTER value is used to route bounce messages that result from forwarded mail. (SUBMITTER is a replacement for SRS and SES.)

Tarpit

A mail transfer (MTA) which--as soon as it identifies an incoming e-mail as SPAM (or from a spammer)--purposely responds very slowly.

UBE

Unsolicited Bulk E-mail; Unsolicited Business-oriented E-mail (Synonyms: SPAM, UBE)

UCE

Unsolicited Commercial E-mail. (Synonyms: SPAM, UBE)

UDP

User Datagram Protocol

VERP

Variable Envelope Return Paths

VMTA

Verifying MTA (Mail Transfer Agent). An MTA that implements CBV (CallBack Verification)

White-hat MTA

(Possibly?) A Mail transfer Agent that is anti-SPAM

Whitelist

A list of domains, hosts, IP addresses and/or e-mail addresses from which e-mail is unconditionally accepted.