If you manage email systems and aren’t familiar with DKIM, you may still have time to learn about it. But you don’t have the luxury of ignoring it.
(Page 1 of 2)

Earlier this month in Dallas, Texas, nearly two dozen Internet service providers, messaging product vendors, and email industry associations gathered for two days to take the future of email authentication out for a test drive.

This quiet event, hosted by Alt-N Technologies, brought together technical representatives from many of the biggest names in email from around the globe to practice implementing Domain Keys Identified Mail (DKIM). DKIM is one of the most promising new email authentication standards to emerge from the Internet Engineering Task Force’s standards-making process.

If you are responsible for managing email systems and you don’t have at least a passing familiarity with DKIM, you may still have time to learn about it. But you most assuredly don’t have the luxury of ignoring it.

While some of the more level-headed proponents of DKIM will be aghast at my hyperbole, the more deeply I look at DKIM and how powerful a tool it can be in the battle against spam and various email-borne security threats, the more I become convinced that DKIM will be one of the truly indispensible elements of email’s future.

DKIM derives from a pretty simple concept: because a lot of bad people attempt to fraudulently represent the origins of certain emails, if you can reliably identify and verify the origins of legitimate messages, then it’s much easier to dump the illegitimate stuff into the trash.

Related Articles
Mac vs. Linux: Which is More Secure?

Norton Internet Security 2008: Faster, Stronger

Microsoft's New Patent: The Dark Side of SaaS

The Emerging Dell-Linux-Apple War

FREE IT Management Newsletters

Through the cunning use of encryption to generate cryptographic signatures on each outbound email message, a sender can certify the origin of a message as coming from an authorized server for that domain. Receivers can in turn do a simple DNS query on the domain name and use a signature in the DNS record to verify the authenticity of that email’s claimed origin.

Ideally, in a world where DKIM is widely deployed and implemented, authenticated mail can benefit from speedier and more reliable delivery, bypassing certain types of anti-spam and anti-phishing filters.

That’s what made the two-day exercise in Dallas so important: senders, receivers, software and hardware manufacturers, and a variety of other parties interested in restoring some level of trust and reliability to email were able to fling DKIM-signed messages at one another all day and night, testing the robustness of various implementations.

And the results were, in a word, awesome. In a press release about the event, event coordinator and email standards guru Dave Crocker, noted: “Because spam and phishing continue to proliferate, messaging companies are eager to move forward with wide-spread implementation of DKIM, to help consumers and businesses identify legitimate email messages...We have demonstrated that DKIM is easy to add to an email service and that its use of cryptographic technology provides a strong basis for knowing received email really is associated with the organization that claims to have sent it.”

Various email server software vendors also found the event useful for testing their DKIM implementations against a wider variety of systems and architectures. “We learned a lot by participating; not the least of which is that DKIM just works,” said Arvel Hathcock, CEO of Alt-N Technologies, and host of the event. “The testing performed by all participants revealed no significant barriers to adoption or use.”

Continued: Encryption-based methods of fighting spam.

Page 1 of 2

1 2
Next Page

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.