The New Spam Sheriff in Town

Written by Carl E. Reid on March 4, 2009

DomainKeys Identified Mail (DKIM) is a method for verifying that an email message genuinely comes from the domain that signed it and was not altered on the way. Its predecessor, DomainKeys, was designed by Mark Delany of Yahoo! and is covered by a U.S. patent assigned to Yahoo!. Although it has been around for quite a few years, I suspect three variables have prevented DKIM from gaining wider acceptance: the cost of implementation, universal compatibility between disparate email systems, and the speed of encryption/decryption processing must each be addressed. DKIM would be an excellent complement to spam filters.

DKIM adds a header named “DKIM-Signature” that contains a digital signature over the contents (selected headers and the body) of the mail message. With the default parameters, the signer hashes the message with SHA-256, signs the hash with the domain’s RSA private key, and Base64-encodes the resulting signature into the header. The same header also records which headers were signed (the h= tag), a separate hash of the body (bh=), the canonicalization rules applied before hashing (c=), and the signing domain and selector (d= and s=), so that a receiver can reproduce exactly what was signed.

The receiving SMTP server then takes the signing domain (d=) and the selector (s=) from the header and performs a DNS TXT lookup of <selector>._domainkey.<domain>. The returned record includes the domain’s public key. The receiver uses that key to verify the signature in the header while recalculating the hash over the mail message as received (the signed headers and the body). If the two match, the receiver has cryptographic proof that the mail was signed by the holder of that domain’s private key and that the signed parts were not tampered with during transmission. Note what is and is not proved: the signature binds the message to the domain in d=, which is not necessarily the domain in the From: header, and only the headers listed in the signature are protected.
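The signing and verification steps just described, as an added example in Go that is not from the original post (the author describes the protocol; this code is the editor’s illustration of it). It implements a minimal DKIM signer and verifier with the default rsa-sha256 algorithm and simple/simple canonicalization. The in-memory dnsTXT map, the example.com domain, the mar2009 selector and the sample message are constructed stand-ins for a real DNS TXT lookup and a real message.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"strings"
)

type Header struct{ Name, Value string } // one header field, exactly as written in the message
var dnsTXT = map[string]string{}         // hypothetical stand-in for DNS: "<selector>._domainkey.<domain>" -> TXT record

// NewSigningDomain generates the domain's RSA key pair and "publishes" the public half under the selector.
func NewSigningDomain(domain, selector string) *rsa.PrivateKey {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // fails only on a broken entropy source
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	dnsTXT[selector+"._domainkey."+domain] = "v=DKIM1; k=rsa; p=" + base64.StdEncoding.EncodeToString(der)
	return priv
}

// parseTags splits a DKIM tag list ("v=1; a=rsa-sha256; ...") into a map; the header and the key record share it.
func parseTags(s string) map[string]string {
	tags := map[string]string{}
	for _, kv := range strings.Split(s, ";") {
		if i := strings.Index(kv, "="); i > 0 {
			tags[strings.TrimSpace(kv[:i])] = strings.TrimSpace(kv[i+1:])
		}
	}
	return tags
}

// bodyHash computes bh=: Base64(SHA-256) of the "simple"-canonicalized body (trailing empty lines dropped, one final CRLF).
func bodyHash(body string) string {
	sum := sha256.Sum256([]byte(strings.TrimRight(body, "\r\n") + "\r\n"))
	return base64.StdEncoding.EncodeToString(sum[:])
}

// selectHeaders picks the fields named in h=, in that order; for a repeated name the bottom-most wins (RFC 4871).
func selectHeaders(msgHdrs []Header, hList string) []Header {
	byName := map[string]Header{}
	for _, h := range msgHdrs {
		byName[strings.ToLower(h.Name)] = h
	}
	var out []Header
	for _, n := range strings.Split(hList, ":") {
		out = append(out, byName[strings.ToLower(n)])
	}
	return out
}

// signedDigest hashes the selected headers as written ("simple" canonicalization), then the
// DKIM-Signature header with its b= value removed. Sign emits b= last, so the cut is after "; b=".
func signedDigest(hdrs []Header, dkimValue string) []byte {
	h := sha256.New()
	for _, hd := range hdrs {
		h.Write([]byte(hd.Name + ": " + hd.Value + "\r\n"))
	}
	h.Write([]byte("DKIM-Signature: " + dkimValue[:strings.LastIndex(dkimValue, "; b=")+4]))
	return h.Sum(nil)
}

// Sign returns the DKIM-Signature value: bh= is the body hash and b= the RSA-SHA256 signature,
// made with the domain's private key, over the hList headers plus this header itself.
func Sign(priv *rsa.PrivateKey, domain, selector string, msgHdrs []Header, hList, body string) string {
	value := fmt.Sprintf("v=1; a=rsa-sha256; c=simple/simple; d=%s; s=%s; h=%s; bh=%s; b=",
		domain, selector, hList, bodyHash(body))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, signedDigest(selectHeaders(msgHdrs, hList), value))
	return value + base64.StdEncoding.EncodeToString(sig)
}

// Verify is the receiver's side: fetch the key at <s>._domainkey.<d>, check bh= against the body and
// b= against the h= headers, and return the signing domain (d=, which need not be the From: domain).
func Verify(dkimValue string, msgHdrs []Header, body string) (string, error) {
	tags := parseTags(dkimValue)
	der, _ := base64.StdEncoding.DecodeString(parseTags(dnsTXT[tags["s"]+"._domainkey."+tags["d"]])["p"])
	pub, err := x509.ParsePKIXPublicKey(der)
	if err != nil {
		return "", fmt.Errorf("no usable key record at %s._domainkey.%s: %v", tags["s"], tags["d"], err)
	}
	if bodyHash(body) != tags["bh"] {
		return "", fmt.Errorf("body hash mismatch: body altered in transit")
	}
	sig, _ := base64.StdEncoding.DecodeString(tags["b"])
	if err := rsa.VerifyPKCS1v15(pub.(*rsa.PublicKey), crypto.SHA256, signedDigest(selectHeaders(msgHdrs, tags["h"]), dkimValue), sig); err != nil {
		return "", fmt.Errorf("signature invalid: a signed header was altered or the key is wrong")
	}
	return tags["d"], nil
}

func main() {
	hdrs := []Header{{"From", "Carl <carl@example.com>"}, {"Subject", "Invoice"}} // constructed sample message
	sig := Sign(NewSigningDomain("example.com", "mar2009"), "example.com", "mar2009", hdrs, "From:Subject", "Please find the invoice attached.\r\n")
	fmt.Println(Verify(sig, hdrs, "Please find the invoice attached.\r\n"))
	fmt.Println(Verify(sig, hdrs, "Please wire the money to a new account.\r\n"))
}
```

Run it and the first Verify returns example.com with a nil error; the second, with the body rewritten in transit, fails the bh= check before the RSA verification is even attempted. Two things the toy makes visible that the prose glosses over: only the headers named in h= are protected (change a To: header that was not signed and the signature still verifies), and a pass proves only that the holder of the key at <selector>._domainkey.<d> signed the message, not that the From: address is honest. A production verifier additionally checks the a= and c= tags, the key record’s k= and a minimum key size, the l= body-length tag if present, and the x= expiry.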

Since DKIM is an authentication technology, it is not in itself a spam filtering mechanism. That does not take away from the fact that widespread use of DKIM can stop spammers from forging the source domain of their messages, a technique they commonly employ today. If spammers are forced to show a correct source domain, other filtering techniques can work more effectively; in particular, the source domain can feed into a collaborative reputation system to better identify spam. Conversely, DKIM can make it easier to identify mail that is known not to be spam and need not be filtered. If a receiving system has a whitelist of known good “friendly” domains, either locally maintained or endorsed by third-party certifiers, it can skip the filtering on mail validly signed by those domains, which allows more aggressive filtering of the remaining email.

DKIM can also be useful as an anti-phishing technology. Senders of email from heavily phished domains can sign their mail to show that it is genuine. Recipients can then treat the absence of a valid signature on a message claiming to come from one of those domains as an indication that the mail is probably fake. How best to determine the set of domains that merit this degree of scrutiny remains open to further discussion.

One of the added considerations for implementing DKIM is an optional feature called Author Domain Signing Practices (ADSP). It lets a domain that signs all of its mail publish that practice in DNS, so that receivers can treat unsigned mail purporting to come from the domain as suspect, or discard it outright. How dramatically this approach can cut down on spam still requires further testing, and it requires agreement on standards by all mainstream email vendors.
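How a receiver might act on the three signals discussed above (the whitelist of friendly domains, the missing-signature heuristic for heavily phished domains, and an ADSP record), as an added Go example that is not from the original post. The ADSP records under _adsp._domainkey (dkim=unknown, all or discardable, the values defined in RFC 5617), the domains bank.example, shop.example, blog.example and esp.example, and the friendly whitelist are all constructed for the illustration. The function takes the d= value of a DKIM signature that verified (or an empty string) as input rather than repeating the verification itself.

```go
package main

import (
	"fmt"
	"strings"
)

// adspTXT stands in for DNS lookups of _adsp._domainkey.<domain> (RFC 5617 ADSP records,
// constructed for this example). A domain with no record is treated as "dkim=unknown".
var adspTXT = map[string]string{
	"bank.example": "dkim=discardable", // heavily phished: discard unsigned mail claiming to be us
	"shop.example": "dkim=all",         // signs everything but only asks receivers to be suspicious
	"blog.example": "dkim=unknown",     // explicitly makes no promise
}

// friendly is the receiver's own whitelist: author-signed mail from these domains skips filtering.
var friendly = map[string]bool{"shop.example": true}

// Disposition is what the receiver decides to do with a message.
type Disposition string

const (
	Discard    Disposition = "discard"     // dkim=discardable and no author signature
	Suspicious Disposition = "suspicious"  // dkim=all and no author signature: probably forged
	SkipFilter Disposition = "skip-filter" // author-signed by a whitelisted domain
	Filter     Disposition = "filter"      // nothing proven either way: run the normal spam filters
)

// authorDomain returns the lower-cased domain of a From: value such as "Carl <carl@example.com>".
func authorDomain(from string) string {
	addr := from
	if i := strings.LastIndex(from, "<"); i >= 0 {
		addr = strings.TrimSuffix(from[i+1:], ">")
	}
	return strings.ToLower(addr[strings.LastIndex(addr, "@")+1:])
}

// Decide combines the DKIM result with ADSP and the whitelist. signingDomain is the d= tag of a
// signature that verified, or "" if there was none or it failed. Only a signature whose d= equals
// the From: domain is an Author Domain Signature; a valid signature from anyone else (a mailing
// list, a marketing provider) says nothing about the author and counts as unsigned here.
func Decide(from, signingDomain string) Disposition {
	author := authorDomain(from)
	if signingDomain != "" && strings.EqualFold(signingDomain, author) {
		if friendly[author] {
			return SkipFilter
		}
		return Filter // genuine, but reputation and content filters still apply
	}
	switch strings.TrimPrefix(adspTXT[author], "dkim=") {
	case "discardable":
		return Discard
	case "all":
		return Suspicious
	}
	return Filter
}

func main() {
	fmt.Println(Decide("Bank <alerts@bank.example>", ""))             // discard
	fmt.Println(Decide("Bank <alerts@bank.example>", "bank.example")) // filter
	fmt.Println(Decide("Shop <news@shop.example>", "esp.example"))    // suspicious: third-party signature only
	fmt.Println(Decide("Shop <news@shop.example>", "shop.example"))   // skip-filter
	fmt.Println(Decide("blogger@blog.example", ""))                   // filter
}
```

The rule that carries the security weight is the author-domain comparison at the top of Decide: a message from shop.example signed only by a bulk-mail provider under its own domain verifies as DKIM, yet it is not an Author Domain Signature, so against a dkim=all policy it is still treated as unsigned. Without that comparison, anyone able to get a third-party signature on a message could satisfy the whitelist and the ADSP check at once.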

About Carl E. Reid

Developing his career from the mail room to the board room, Carl E. Reid has achieved success by skillfully blending 40 years of technology and business intelligence experience with his passion for helping companies succeed. Carl is founder and CEO of NetTECH Systems Reid & Associates, Inc., an emerging technology consulting company located in the New York City area. One of his specialties is 15 years as a collaboration and email infrastructure consultant. He has implemented and supported Lotus Notes/Domino and other types of SMTP gateway/network configurations in small to large global companies up to 33,000 employees. Some of his clients have included IBM, Citi, JPMChase, Oxygen, LVMH - Moet Hennessy, MeadWestvaco, non-profits and professional organizations. Carl is a Savvy Business Owner, Public Speaker and Author. His articles have appeared in Network World, Computer Monthly magazines and hundreds of web sites. Combining business technology consulting with professional blogging, Carl specializes in advising clients how to best leverage the Internet as a tool for high impact visibility. Carl's speaking style combines humor with expertise, and his advice is always down-to-earth and practical. He personally publishes Library of Congress recognized newsletter blog, http://www.SavvyIntrapreneur.com and http://www.iTechSpeak.com. Carl wrote the original "Professional Blogger Job Description", being used as standard document within companies. As a business career coach, Carl teaches professionals how to run their career as a profitable business.