Summary: Not all large ISPs are using SPF to identify the e-mail sender. Yahoo! Mail has put its influence behind DomainKeys, which uses public and private cryptographic keys to digitally sign and e-mail message and prevent header forgery. It's still in the testing stage, but it's a technology that needs to succeed.

Yahoo! feels that e-mail needs a stronger approach to forgery that that offered by SPF (Sender Policy Framework), since spammers can fake some aspects of SPF. Their solution is DomainKeys, which is still in the early stages of study and acceptance, so I don't recommend adopting it yet, but something like DomainKeys is necessary to prevent header forgery.

Essentially DomainKeys consists of "signing" e-mail with an encrypted "signature" contained in the header. This system uses a public key/private key system that has been widely used in SSL secure communications between a customer's web browser and an online store, between a user and an online banking site, etc.

The private key is required to encrypt the signature, which would be done by the outbound e-mail server as the e-mail is sent out. The public key to verify the signature would be published in the domain's DNS record and checked when an e-mail message is received to make sure the signature hasn't been forged.

Thus e-mails containing signed DomainKeys contain an unforgable system of verifying the sender and contents of the e-mail message.

At this point, DomainKeys is in an early stage, with pilot projects being run. If widely adopted, it holds the promise of stopping fraudulent phishing attacks and identify spam messages.

Resource:

DomainKeys: Proving and Protecting Email Sender Identity. http://antispam.yahoo.com/domainkeys

Subscribe to our free e-mail newsletter -- Web Marketing Today®, published worldwide. Just to encourage you to take this step, I'm including three free e-books that you can download and read: The Web Marketing Checklist: 32 Ways to Promote Your Website, 12 Website Design Decisions Your Business Will Need to Make, and Making & Marketing E-Books, each worth $12 -- just for subscribing. No catch. First Last E-mail Country (2-letter abbreviation) Preferred Format Plain text HTML We respect your privacy and never sell or rent our subscriber lists. Subscribing will not result in more spam! I guarantee it!

Copyright © 1995-2008 by Ralph F. Wilson, all rights reserved. Content, graphics, and HTML code are protected by US and International Copyright Laws, and may not be copied, reprinted, published, translated, hosted, or otherwise distributed by any means without explicit permission. Trademarks and terms of use.