- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Experts say that a company needs to take three steps to deploy the emerging DomainKeys Identified Mail (DKIM) standard.
DKIM is an emerging e-mail authentication standard supported by Yahoo, Google and others and that was developed by the Internet Engineering Task Force. DKIM allows an organization to cryptographically sign outgoing e-mail to verify that it sent the message. Here are the three steps enterprises need to take to deploy DKIM:
1. Figure out all the domains that are allowed to send outbound mail on its behalf. Often this includes multiple corporate domains as well as third-party e-mail marketing companies.
2. Create DNS text records that include DKIM information for every domain that is used to send e-mail.
3. Upgrade all message transfer agents (MTA) -- either software or appliances -- to support DKIM. MTAs are the last component of a messaging system to touch outbound e-mail. That’s where DKIM signatures are attached.
The first step is the hardest, experts say.
``The greatest challenge of any deployment of DKIM is identifying all the domains I have and all the people sending mail on my behalf,’’ says Greg Olson, director of product management at Sendmail, which started shipping a DKIM-compliant e-mail appliance in November.
``The biggest issues are not technical. They’re operational and procedural. It’s knowing who can send mail on your behalf and managing that,’’ says Craig Spiezle, chairman of the Authentication and Online Trust Alliance. ``Right now, it’s very decentralized. There are a lot of organizations sending e-mail on a corporation’s behalf.’’
Large multinational corporations may have to upgrade a dozen or more e-mail appliances to support DKIM (see story on how DKIM is attacking e-mail fraud). But most vendors are offering DKIM as a plug-in or additional feature that’s part of a new version of the software. Experts say this upgrade is straightforward.
``I’m not aware of anyone who is charging extra for DKIM,’’ says Patrick Peterson, vice president of technology for IronPort, a Cisco-owned company whose e-mail appliances support DKIM. ``It’s just part of a regular upgrade.’’
Rss FeedRss Feed
The Leader in Network Knowledge
Comment