Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Here's a different Microsoft/Yahoo story

Microsoft-backed Sender ID e-mail security technology works with Yahoo’s DKIM
By Carolyn Duffy Marsan , Network World , 02/11/2008
  • Share/Email
  • Comment
  • Print

As usual, Microsoft is going its own way when it comes to fighting e-mail fraud. But the good news for corporate IT executives is that Microsoft’s preferred approach, known as Sender ID, works with the emerging industry standard, DomainKeys Identified Mail (DKIM), which is backed by Yahoo, Google and others. (Read a Q&A with a Yahoo executive on DKIM and beyond.)

Sender ID requires ISPs and companies to publish Sender Policy Framework (SPF) records to identify their e-mail servers. SPF is an extension to the Simple Mail Transfer Protocol. 

DKIM, which was developed by the Internet Engineering Task Force, uses mail transfer agents to cryptographically sign outbound mail and to check inbound mail for DKIM signatures.

Many organizations recommend adopting both Sender ID and DKIM. These include BITS, which represents the 100 largest U.S. financial institutions, and the Authentication and Online Trust Alliance (AOTA).

``We endorse Sender ID and DKIM as complementary,’’ says Craig Spiezle, chairman of AOTA. ``Combined, they really provide comprehensive protection.’’

Sender ID has been widely deployed, while DKIM deployments are just beginning. For example, PayPal deployed Sender ID in early 2007 and is now deploying DKIM.

AOTA reports that 52% of the top consumer-facing financial service brands are authenticating their e-mail through Sender ID or DKIM. In addition, 54% of Internet retailers are using one of these approaches to authenticate their e-mail. AOTA studied over 100 million e-mails sent by Fortune 500 brands over a five-month period.

Overall, 37% of Fortune 500 companies are using Sender ID or DKIM, the study found. This is a significant increase from two years ago, when less than 10% of the Fortune 500 were authenticating outbound e-mail., AOTA says.

``It’s not a Sender ID or DKIM issue in my mind,’’ Spiezle says. ``It’s really about how they can be jointly deployed to provide overlapping strength.’’

Despite the industry momentum around DKIM, Microsoft won’t commit to it.

``E-mail authentication technology is an important method for helping to protect consumers and businesses from e-mail threats, such as spam and phishing,’’ a Microsoft spokesman said in a statement. ``Microsoft views DKIM as a complementary technology to the Sender ID framework, which was developed jointly by Microsoft and industry partners. Microsoft is constantly looking for new ways to bolster defenses and is investigating DKIM’s application, but has no firm plans to support it at this stage.’’

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comments (1)
Login
Forgot your account info?

Given SenderID is very similar to SPF its odd that it isn't mentioned...By Anonymous on April 3, 2008, 8:28 amSPF reaching %12.6[1] takeup of a large sample of domains makes it look like SenderID missed out on market dominance. [1] http://dns.measurement-factory.com/surveys/200710.html

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed