Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Here's a different Microsoft/Yahoo story

Microsoft-backed Sender ID e-mail security technology works with Yahoo’s DKIM
By Carolyn Duffy Marsan , Network World , 02/11/2008
  • Share/Email
  • Tweet This
  • Comment
  • Print

As usual, Microsoft is going its own way when it comes to fighting e-mail fraud. But the good news for corporate IT executives is that Microsoft’s preferred approach, known as Sender ID, works with the emerging industry standard, DomainKeys Identified Mail (DKIM), which is backed by Yahoo, Google and others. (Read a Q&A with a Yahoo executive on DKIM and beyond.)

Sender ID requires ISPs and companies to publish Sender Policy Framework (SPF) records to identify their e-mail servers. SPF is an extension to the Simple Mail Transfer Protocol. 

DKIM, which was developed by the Internet Engineering Task Force, uses mail transfer agents to cryptographically sign outbound mail and to check inbound mail for DKIM signatures.

Many organizations recommend adopting both Sender ID and DKIM. These include BITS, which represents the 100 largest U.S. financial institutions, and the Authentication and Online Trust Alliance (AOTA).

``We endorse Sender ID and DKIM as complementary,’’ says Craig Spiezle, chairman of AOTA. ``Combined, they really provide comprehensive protection.’’

Sender ID has been widely deployed, while DKIM deployments are just beginning. For example, PayPal deployed Sender ID in early 2007 and is now deploying DKIM.

AOTA reports that 52% of the top consumer-facing financial service brands are authenticating their e-mail through Sender ID or DKIM. In addition, 54% of Internet retailers are using one of these approaches to authenticate their e-mail. AOTA studied over 100 million e-mails sent by Fortune 500 brands over a five-month period.

Overall, 37% of Fortune 500 companies are using Sender ID or DKIM, the study found. This is a significant increase from two years ago, when less than 10% of the Fortune 500 were authenticating outbound e-mail., AOTA says.

``It’s not a Sender ID or DKIM issue in my mind,’’ Spiezle says. ``It’s really about how they can be jointly deployed to provide overlapping strength.’’

Despite the industry momentum around DKIM, Microsoft won’t commit to it.

``E-mail authentication technology is an important method for helping to protect consumers and businesses from e-mail threats, such as spam and phishing,’’ a Microsoft spokesman said in a statement. ``Microsoft views DKIM as a complementary technology to the Sender ID framework, which was developed jointly by Microsoft and industry partners. Microsoft is constantly looking for new ways to bolster defenses and is investigating DKIM’s application, but has no firm plans to support it at this stage.’’

In the meantime, companies that want to deploy both Sender ID and DKIM will need to buy software or appliances from third-party vendors like Sendmail and IronPort.

``Microsoft has not committed to supporting DKIM,’’ says Greg Olson, director of product management at Sendmail. ``Microsoft is putting their weight behind their own sender authentication strategy called Sender ID. But Microsoft Exchange can work with a DKIM appliance. A Microsoft customer would need a third-party product to do DKIM.’’

  • Share/Email
  • Tweet This
  • Comment
  • Print

Comments (2)
Login
Forgot your account info?

Given SenderID is very similar to SPF its odd that it isn't mentioned...By Anonymous on April 3, 2008, 8:28 amSPF reaching %12.6[1] takeup of a large sample of domains makes it look like SenderID missed out on market dominance. [1] http://dns.measurement-factory.com/surveys/200710.html

Reply | Read entire comment

ARABIKBy Anonymous on January 12, 2010, 12:37 pmWHAT IS YOUR NAME?

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed