Last May, a new anti-spam system, called DomainKeys Identified Mail, received the preliminary approval of the Internet Engineering Task Force, a leading Internet standards body. This innovative system, based on cryptographically secure digital signatures, promises to become the Nemesis of spammers, phishers and other Internet fraudsters.
Straightforward
Jointly developed by Yahoo, Sendmail, PGP Corporation and Cisco Systems, this e-mail authentication system is straightforward. When a bona fide company sends an e-mail message to its clients or members, its mail server embeds a digital signature in the headers of outgoing messages. Recipients can then automatically check the company’s domain name server (DNS) listing to validate the authenticity of the signature and consequently the message. If validation fails, then the message is in all likelihood spam, a phishing attack or any other variant of online mischief.
More promising than other technologies
DomainKeys holds greater promise than currently available anti-spam and anti-phishing systems based on the compilation of blacklists or the identification of common characteristics, since the digital signatures it uses are regarded as unforgeable.
Yet, as with all technology of this kind, DomainKeys is not without its shortcomings: it is only effective if both the sender and recipient’s mail systems are upgraded to support the standard. In addition, it does not flag spam sent by legitimate companies or identify junk e-mail sent from a DNS with a clean DomainKeys track record. Nevertheless, both are short-term problems that should be solved in the near future.
