The committee works to promote adoption of email security, sending and authentication best practices for all classes of email senders and receivers including brands, ISPs, enterprise and government agencies. Goals include increasing the integrity and trust of legitimate email, while reducing spear phishing, spam and social engineered email exploits.
Implementation Tools DMARC
Updated ESP & Hosting Customer Risk Evaluation Framework / Press Release - October 1, 2013
Risk Evaluation Framework Presentation (Recorded webinar members only) - October 3, 2013
Email is the dominant form of online communication for citizens, businesses, and governments. The ubiquitous and open nature of email has also provided criminals with an ideal platform to perpetuate fraud, with upwards of 95% of today's email consisting of spam, phishing, identity theft attacks, attempts to spread malware, and sophisticated attacks know as Advanced Persistent Threats.
OTA recognizes the critical role email plays in today's online ecosystem, and publishes a set of recommendations that prescribe the adoption of freely available and standards-based email authentication technologies as an effective response to rampant abuse of the email channel.
Email authentication provides ways for email senders to take responsibility for the email they send, and for receivers to validate that the purported sender information is valid and not forged. Combined with the newly announcement DMARC specification, senders and receivers now have a way to establish domain-level email protections, creating an un-spoofable email channels that exclude criminals and upon which trust can be established.
To help spread adoption of email authentication, OTA tracks industry adoption of email authentication, makes available deployment support (through training courses and online materials) to help organizations understand and execute authentication deployment projects, collects links to implementation tools, and maintains a small recommended reading list for those that want to understand the deep value email authentication brings to the online ecosystem.
For definitions of Email Authentication terms and related OTA initiatives visit the OTA Glossary