DomainKeys comes to Office Watch

Future Office Watch newsletters will include DomainKeys authentication.

Future Office Watch newsletters will include DomainKeys authentication. DomainKeys is a method of verifying that the sender and content of a message really comes from the web site it’s alleged to be sent from. Many popular Internet services such as Yahoo and Google use DomainKeys for both incoming and outgoing email.

For most Office Watch readers there will be no obvious difference and NO ACTION is required by any Office Watch subscriber.

Email systems that are DomainKeys compatible will do the appropriate checks before the message reaches the end user. Non-compatible systems should ignore the DomainKeys information entirely.

If you’re curious you can dig into email message headers you can see DomainKeys information like this:


DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=2008;
office-watch.com;h=from;b=eJJLPhxyEZ8cOqyAhxyEZ8cOqy==

Some mail receivers (like Google’s Gmail) will add information based on their test of the DomainKeys information.

We hope that DomainKeys will help the small number of readers who have trouble receiving their Office Watch newsletters. Some legitimate messages are blocked by overzealous spam filters on ISP’s and other mail hosts before they reach you or your personal spam filters.

Email spam and phishing take advantage of two major problems with the Internet email system. Basic email has no way to verify that the sender of a message is really originating from the domain named – for example a message you get from “freddagg.com” might not really come from someone at that domain. It’s absurdly easy to fake the sender of an email which is why you get messages supposedly from banks, stores and even cable news networks.

The other problem is verifying that the message you receive is exactly the same as the one that was sent. In theory a message you send can be tampered with en-route before forwarding to the receiver.

Fixing these problems isn’t easy. Email is very popular but isn’t run from a common set of programs. There are all sorts of email clients and mail servers that can handle your messages in a variety of manufacturers and versions . While they obey some basic standards there has been no conformity in applying newer email standards to limit spam and phishing.

Corporate interests often are more important than the best interests of email users worldwide. A list of DomainKeys supporters is notably omitting Microsoft which has a rival technology ‘SenderID’. At this stage DomainKeys is more widely accepted than SenderID which is why we’ve chosen the former.

Neither system is perfect; the Wikipedia articles on DomainKeys and SenderID summarize the various concerns.