DomainKeys Identified Mail (DKIM) is the latest technology to
take on phishing attacks, which are attempts to steal vital bank or
shopping account information from users via fake emails. Using
digital signatures embedded in mail, the technology can ensure that
a message that claims to be from your bank is telling the
truth.
"DKIM is the email authentication framework and is addressing
forgery issues," Dennis Dayman told weekly technology law podcast
OUT-LAW Radio. Dayman is director of
deliverability at email infrastructure firm Strongmail Systems.
"The way that we do that is using cryptography to verify who sent
the message."
"What DKIM does is allow us to identify the source of the email:
did this person send that email? And if they did, we go to a second
process, which is looking at the reputation of that sender, are
they a good sender? Are they a spammer?" said Dayman.
DKIM works by digitally signing every outgoing mail from a
domain. If the email recipient also uses DKIM, it checks the
signature on the message against the public key that the sending
domain publishes for the domain as a whole. If the signature does
not verify, or if an incoming mail carries no signature although the
domain publishes a signing key, then the system knows that the mail
did not come from where it claims it did.
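The signing and verification flow described above, as an added example in Go that is not part of the article or of any DKIM implementation it mentions: the domain owner publishes an RSA public key under a selector, outgoing mail gets a DKIM-Signature header covering a body hash and a few headers, and the receiving side looks the key up and checks both. The domain bank.example, the selector s1, the in-memory dnsTXT table standing in for a DNS lookup, the domainSigns policy check and the sample message are all constructed for this example; the header and body canonicalization that RFC 6376 specifies is left out.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"strings"
)

// dnsTXT is a constructed in-memory stand-in for the DNS TXT record at <selector>._domainkey.<domain>.
var dnsTXT = map[string]string{}

// parseTags splits the "k=v; k=v" tag lists used by both the signature header and the key record.
func parseTags(s string) map[string]string {
	tags := map[string]string{}
	for _, t := range strings.Split(s, ";") {
		if k, v, ok := strings.Cut(strings.TrimSpace(t), "="); ok {
			tags[k] = v
		}
	}
	return tags
}

// publishKey records the signer's public key as "v=DKIM1; k=rsa; p=<base64 DER>", as a domain owner would.
func publishKey(domain, selector string, pub *rsa.PublicKey) {
	der, _ := x509.MarshalPKIXPublicKey(pub) // cannot fail for an *rsa.PublicKey
	dnsTXT[selector+"._domainkey."+domain] = "v=DKIM1; k=rsa; p=" + base64.StdEncoding.EncodeToString(der)
}

// lookupKey resolves the d=/s= pair to a public key; a missing or malformed record yields an error.
func lookupKey(domain, selector string) (*rsa.PublicKey, error) {
	der, _ := base64.StdEncoding.DecodeString(parseTags(dnsTXT[selector+"._domainkey."+domain])["p"])
	key, err := x509.ParsePKIXPublicKey(der)
	pub, isRSA := key.(*rsa.PublicKey)
	if err != nil || !isRSA {
		return nil, fmt.Errorf("no usable DKIM key for %s (selector %s)", domain, selector)
	}
	return pub, nil
}

// domainSigns is the article's "a signing key is attached to the domain" check; real deployments carry that policy in ADSP or DMARC records.
func domainSigns(domain string) bool {
	for name := range dnsTXT {
		if strings.HasSuffix(name, "._domainkey."+domain) {
			return true
		}
	}
	return false
}

// signedData is what the signature covers: the h= headers, then the DKIM-Signature header with an empty b= value (canonicalization omitted).
func signedData(headers map[string]string, sigHeader string) []byte {
	s := ""
	for _, h := range []string{"From", "To", "Subject"} {
		s += h + ": " + headers[h] + "\r\n"
	}
	return []byte(s + "DKIM-Signature: " + sigHeader)
}

// sign builds the DKIM-Signature header value (rsa-sha256) for mail leaving the domain.
func sign(priv *rsa.PrivateKey, domain, selector string, headers map[string]string, body string) (string, error) {
	bh := sha256.Sum256([]byte(body))
	unsigned := fmt.Sprintf("v=1; a=rsa-sha256; d=%s; s=%s; h=from:to:subject; bh=%s; b=", domain, selector, base64.StdEncoding.EncodeToString(bh[:]))
	digest := sha256.Sum256(signedData(headers, unsigned))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return unsigned + base64.StdEncoding.EncodeToString(sig), nil
}

// verify returns nil only when the body hash matches and the signature validates against the key the d= domain publishes.
func verify(sigHeader string, headers map[string]string, body string) error {
	tags := parseTags(sigHeader)
	pub, err := lookupKey(tags["d"], tags["s"])
	if err != nil {
		return err
	}
	if bh := sha256.Sum256([]byte(body)); base64.StdEncoding.EncodeToString(bh[:]) != tags["bh"] {
		return fmt.Errorf("body hash mismatch: body altered in transit or forged")
	}
	sig, _ := base64.StdEncoding.DecodeString(tags["b"]) // a malformed b= simply fails the check below
	unsigned := sigHeader[:strings.Index(sigHeader, "; b=")+4] // header as it was when signed
	digest := sha256.Sum256(signedData(headers, unsigned))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() { // constructed domain, selector and message
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	publishKey("bank.example", "s1", &priv.PublicKey)
	hdrs := map[string]string{"From": "alerts@bank.example", "To": "alice@example.net", "Subject": "Statement"}
	sig, _ := sign(priv, "bank.example", "s1", hdrs, "Your statement is ready.\r\n")
	fmt.Println("genuine:", verify(sig, hdrs, "Your statement is ready.\r\n"), "| altered body:", verify(sig, hdrs, "Reset your password now.\r\n"))
	fmt.Println("bank.example publishes a key, so unsigned mail claiming it is suspect:", domainSigns("bank.example"))
}
```

With go run, the genuine message verifies, the altered body fails on the bh= comparison before any RSA work is done, and a signature whose d= names a domain with no published key fails at key lookup, which is exactly why a spammer who signs with their own domain gains nothing against mail that claims to be from someone else's. Whether unsigned mail for a domain should be treated as suspect is, in practice, a separate policy statement (ADSP or DMARC) rather than something inferred from the presence of a key.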
This stops phishing, which depends on email users believing that
emails come from a company they deal with when in fact they come
from a fraudster. But email experts said that the system could end
up combating spam as well.
"It's only very indirectly an anti-spam tool," said Jim Fenton,
an engineer at routing giant Cisco who has been instrumental in
DKIM's development. "Spammers can sign their messages just as well
as anyone else can; it's very easy to register a domain and sign
messages from that domain."
"The advantages are that they won't be able to sign messages
coming from my email address, and the other thing is that it gives
a reliable identity on which a reputation or an accreditation can
be based. You can use it to key into these reputation systems in a
way you can't currently because the source email address is too
unreliable," he said.
Eric Allman is an email pioneer and founder of Sendmail. He said
that anti-spam functions will only emerge if DKIM becomes
ubiquitous.
"Right now an unsigned message has no suspicion because most
messages are unsigned," said Allman. "In the future if we get to
the point where most messages are signed, and come from a place of
a good reputation, then something that is either unsigned or comes
from a place with a bad reputation becomes suspicious."
"It's kind of incidental to spam, so we may get into a position
where we force spammers to at least be traceable back to where they
came from," said Allman. "That makes it easier to at least take
action against them. So once again it's an indirect effect, but I
think it's a very real effect on spammers."