Yahoo! and Cisco Join on Anti-Phishing Tech
Yahoo! and Cisco have joined two of their mail authentication technologies in a push to standardize efforts to wipe out phishing scams and some forms of spam.
Yahoo! and Cisco have announced the fusion of their e-mail authentication technologies into what the companies are calling "DomainKeys Identified Mail (DKIM)."
DKIM's two component technologies are Yahoo's DomainKeys, which utilizes public key cryptography and DNS to verify message senders and the integrity of messages; and Cisco's Indentified Internet Mail's header-signing abilities.
Under DomainKeys, each time a mail message is sent, the originating server uses a private key to generate a distinctive signature, and inserts that signature in the message's headers. Recipient servers then use the originating server's public key, published as part of its DNS record, to verify the message.
DomainKeys has already enjoyed some acceptance and favorable comparisons with rival specifications such as Sender Policy Framework (SPF) (define) and Microsoft's Sender ID for E-Mail (which utilizes SPF).
Though frequently described as an "anti-spam" technology, the thrust of DomainKeys, SPF, and similar approaches is less about curbing all forms of spam than it is confirming that a message originates from the server it claims to be sent from, though authentication will also serve to curb spammers that rely on open mail relays to send their messages.