Answer: Many legitimate email marketers and Internet ecommerce professionals are encouraging the implementation of email authentication standards to combat unsolicited bulk email (read: spam and phishing emails) that impinge on legitimate bulk email campaigns.
Email authentication verifies the identity of the source computer sending the email, matching the sender of the message to the domain that the email message is purportedly coming from. Currently, there are two common types of authentication enjoying widespread use: Sender Policy Framework (SPF) and DomainKeys.
SPFSender Policy Framework or SPF is an extension of Simple Mail Transfer Protocol (SMTP), the current standard for sending email. SPF was designed to address email spoofing, a spammer practice of forging of an email sender's address, by verifying information from the email message "envelope," mainly the return-path email address. Like a postal mail envelope, the email message envelope describes who the email message is from, and to whom it is going.
The authentication of the SPF record on the Domain Name System (DNS) server, responsible for a particular web domain, is what determines the message status (pass, fail, softfail, etc.) that is subsequently passed to the recipient mail server.
The SPF record specifies which email servers are allowed to send email for a particular domain. The DNS server manages the network of computers connected to a domain. These include the "A" record, which indicates the web server for that domain, a pointer record (PTR) that manages the reverse DNS lookups, and mail exchange (MX) records, which are the mail servers responsible for delivering email for the domain. SPF simply performs a check on one or more of these computers to verify to the recipient mail server their status. In other words, it authenticates them.
SPF by itself does not prevent spam (the recipient mail server reads the information in the SPF file, then makes a delivery determination based on the status); however, there are many larger ISPs using SPF for authentication, including MSN and Gmail. The way to tell for sure if SPF is being used is to look for the SPF status in the email headers. A typical response from a server with SPF implemented may have a header that looks like this:
Received-SPF: pass
DomainKeysDomainKeys is an authentication system independent of SMTP protocol and deals with email headers which are outside the message envelope. DomainKeys was designed to identify email spoofing and does not directly prevent abusive behavior, but it does make such behavior easier to track. Yahoo! implemented DomainKeys in 2004 for its outbound email, and since 2005 has tracked incoming keys.
To implement DomainKeys, the SMTP server operator specifies a public/private key pair. The public key is located on the DNS server, and the private key is configured on the SMTP server. When sending emails, the SMTP checks in with the DNS, and if verified, adds a DomainKeys signature to the message headers. The receiving server then reads the signature and checks the public key on the DNS server to verify the signature. It then uses that information to apply a rule or deliver the email to the final recipient. If there is no match, the message can be ignored, since it is apparently a spoof.
When Yahoo! receives an email that doesn't have a key pair specified, it will simply indicate in the message header a neutral domain key signature. Yahoo! could eventually reject email messages that are not digitally signed, but currently it delivers neutrally sighed messages. To determine if a server implements DomainKeys, look at the full headers of the email received. A typical DomainKeys header looks like this:
Authentication-Results: mail.someisp.com from=email.somedomain.com; domainkeys=pass (ok)
SummaryEmail message senders are responsible for implementing both SPF and DomainKeys at the SMTP server and DNS level, although neither authentication format is mandatory at this time. While these authentication policies are not required now, as more ISP email providers utilize these methods to determine legitimate email messages, the greater impact they will have on email message delivery.
This article was authored by Arial Software, a developer of e-mail marketing newsletter software that sends personalized e-mails. For more information visit www.ArialSoftware.com
The Health Ranger recommends and personally uses Aquasana water filters:
NaturalNews Exclusive: FREE decanter with *any* purchase from Aquasansa. Click here to claim:
 |
Related Articles:
|
Take Action: Support NaturalNews.com
 Email this article to a friend
 Share this article on: NewsVine | digg | del.icio.us
Permalink to this article: http://www.NaturalNews.com/001418.html
Reprinting this article: Non-commercial OK, cite NaturalNews.com with clickable link.
Embed article link: (copy HTML code below):
|
 |
 |
Receive our Natural Health Newsletter for FREE
 Subscribe now to receive a summary of each day's most important natural health stories, plus get full, free access to the entire archives of books on HealthBookSummaries.
You'll also get access to 20+ free downloadable reports and exclusive interviews here on NaturalNews.com. Join over 1.2 million monthly readers. Unsubscribe anytime. Your email privacy is protected. We absolutely do not sell or share email addresses with anyone!
- Receive breaking news alerts on natural health solutions, renewable energy, the environment, global warming and more.
- Get instant access to over 20 downloadable health reports and exclusive interviews.
- Get full access to the entire archives of downloadable book summaries from HealthBookSummaries.com.
|
|
 |
 |
 |
|
 |
Featured Videos
Short clip on Aspartame
A short clip on aspartame from the documentary All Jacked Up.
Click here to view now...
Exclusive video on Aspartame
The dangers of aspartame! Exclusive interview footage from Cori Brackett of Sweet Remedy.
Click here to view now...
Exclusive Footage from All Jacked Up!
See interview footage featuring the Health Ranger in the upcoming junk food film, All Jacked Up.
Click here to view now...
Drug Ad Parody
See the Health Ranger's satire parody of Merck's cholesterol drug ad.
Click here to view now... |
|
Printable Version
