Oct
18
2011

Experian CheetahMail authenticates with DKIM

 

While many of us find McLovin’s attempt to skirt the local liquor store attendant with a fake ID in Superbad humorous, a ruse of your brand via email is absolutely no laughing matter. In a phishing attack, a Sender attempts to trick a recipient into divulging confidential information under the pretense of a trustworthy brand entity. When such an attack happens, the impression generated by consumers can spell tragedy for the actual brand.

One of best ways to prevent phishing is to be proactive by employing domain name authentication. Authentication serves to protect your brand by providing a valid identity on a sending domain. Once authenticated, receivers then use it as a foundation for applying reputation and accreditation as well as a tool for more accurate filtering. CheetahMail is happy to announce that we have rolled out DKIM authentication behalf of all our clients. Top global webmail providers such as AOL, Gmail, Windows Live Hotmail & Yahoo are now incorporating DKIM into their filtering algorithm as a way to establish domain-based reputations for senders.

DKIM is an update from the next previously implemented Domain Keys authentication which was introduced by Yahoo in 2004. To employ DKIM, the Sender must insert coding containing two keys into the header section of the message, so that each message is authenticated. The coding contains a private key, which is undisclosed and exclusive to the sending domain, and as well as a public key, which is broadly accessible via the Domain Name System (DNS). DNS is a human-friendly system of associating domain names with IP addresses and is used by Receivers as validation of the Sender. To complete the process, the Receiver recovers the signer’s public key using the DNS and then verifies the DKIM signature via the private key.

While in the past, reputation was for the most part limited to IPs, DKIM now sets the stage for domain-based reputation. This is an important step in the fight against phishing as spammers are no longer able to use disposable and transient IPs and hide behind a made-up domain.

It’s important to note that IP-based reputation is not going away, it just means that domain-based reputation should be considered an enhancement to reputation establishment. Of course, continuing to utilize best practices such as mailing to a clean, engaged subscriber base will allow for both positive IP and domain reputation as well as good deliverability.  For more information on the advantages and challenges domain reputation brings about, please see Domain-based Reputation Explained.


Comment are closed.