E-Mail Impersonator.

Inside the Internet.
March 12 2002 7:46 PM

E-Mail Impersonators

How to identify "spoofed" e-mail.

Editor's note: To read the complete explanation of how Slate was duped by an e-mail spoofer, see this "Press Box" column.

(Continued from Page 2)

Given today's e-mail infrastructure, there's not much that can be done to prevent spoofing. Companies and organizations can tighten up their mail servers as detailed here. If you are in a situation where the authenticity of the sender must be established and it is someone you are already in communication with, you can agree to use PGP or other encryption programs when exchanging e-mail. Encryption protects messages from tampering and positively identify the sender. A promising sign is the emergence of programs that attempt to filter or tag spoofed e-mails, but these have yet to be widely embraced by ISPs (although the government—with good reason—is pursuing them avidly).

Until then, be wary if you get mail from the president offering to drop by your neighborhood and personally feel your pain. It might just be me.

Bill Barnes, Slate's founding program manager, draws and co-writes the daily comic strip Overdue.