A few days ago, Domain Keys Identified Mail or DKIM, was approved by the Internet Engineering Task Force (IETF). DKIM is one of the standards that we use at Boxbe to keep your email safe from phishing attacks and fake emails in general.
What is DKIM?
DKIM is an email authentication framework that addresses the widespread issue of email forgery, using cryptography to verify the domain of the sender. It allows email providers to validate an email’s originating domain, making use of blacklists and whitelists more effective. It also makes phishing attacks easier to detect by helping to identify abusive domains.
DKIM is good for the internet and will help detect forged email addresses. However, DKIM alone won’t stop spam originating from non-faked addresses nor will it stop other forms of unwanted email. Email expert Richi Jennings says “At best, they give a partial indication whether a message is spam or not, but their main use is to allow recipients to look up the reputation of the sending domain.”
The UK’s PC Advisor says “To make it work, DKIM now has to be adopted and incorporated by independent software vendors into their email applications and related infrastructures.”
That said, this is a step forward in stopping phishing schemes and other illegal activities that originate from non-authenticated senders and we are happy to see the DKIM standard approved and hopefully more widely adopted.
More about DKIM
More discussion of the standard approval
Promising antispam technique gets nod – CNET News
IETF backs new cryptographic scheme to battle the effects of spam – Ars Technica
Junked: Is this the end of spam and spoof email? – Silicon.com
Bye Bye Spam and Phishing with DKIM? – Slashdot.org
New Spec Could Cut Phishing, Spam – Dark Reading
IETF approves DKIM to fight spam and phishing – A Canadian Geek
Why DKIM will fail – Spin on Cue
Promising new anti-spam techique gains key approval – Geeks Are Sexy