The DomainKeys Identified Mail system, a tool that could help in the battle against spam and phishing attacks by validating the identity of the sender of an e-mail, has received industry approval. DKIM uses encrypted digital signatures to prove a message's origin and a draft standard has been accepted by the Internet Engineering Task Force, the umbrella group representing firms such as Yahoo, Cisco, Sendmail and PGP Corporation. The firms have pledged to work with ISPs, businesses and financial institutions to roll out the technology as soon as possible. Protecting e-mail users from scams was a top priority, said Mark Delany, lead architect for Yahoo Mail and author of DomainKeys.
Establishing the identity of a sender remains a key consideration in the protection against spam. Spammers tend to get away with sending spoofed e-mails because mail servers only check whether a domain mentioned in these spoofed addresses is known to be used by spammers. DKIM allows honest e-mail senders to prove they sent a message by encrypting a two-part key in a selected part of the mail. The e-mail provider puts an encrypted private key, which is linked to a public key held by the internet's domain name system, into the e-mail when it is sent. The mail server which receives the e-mail checks to ensure that the private and public keys match, proving that the message has come from a genuine sender. However, both the sender and recipient need their mail services to be signed up to DKIM.
News source: BBC News
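An added example, not from the article or from any DKIM implementation: in the published DKIM specification (RFC 6376) the private key stays on the sending server, which adds a DKIM-Signature header carrying a signature and a hash of the body, and the receiver fetches the public key from DNS under selector._domainkey.domain. The sketch below parses such a header, derives the DNS name to query and checks the body hash; the final RSA check of the b= value against the DNS key needs a crypto library and is left to one. The domain example.com, selector s2024 and the message are constructed.

```python
import base64, hashlib, hmac, re

def relaxed_body(body: bytes) -> bytes:
    """'relaxed' body canonicalization as defined in RFC 6376."""
    # Collapse runs of spaces/tabs, strip whitespace at line ends.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()                      # ignore empty lines at the end of the body
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """Value the signer places in the bh= tag (SHA-256, base64)."""
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def parse_tags(value: str) -> dict:
    """Split a 'k=v; k=v' tag list; folding whitespace inside values is dropped."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags

def check_dkim_header(header_value: str, body: bytes) -> dict:
    """Receiver-side checks that precede the RSA verification of b=."""
    t = parse_tags(header_value)
    missing = {"v", "a", "d", "s", "h", "bh"} - t.keys()
    if missing:
        raise ValueError(f"missing required tags: {sorted(missing)}")
    if t["v"] != "1" or t["a"] != "rsa-sha256":
        raise ValueError("unsupported DKIM version or algorithm")
    if not t.get("c", "simple/simple").endswith("/relaxed"):
        raise ValueError("this example handles relaxed body canonicalization only")
    if "from" not in t["h"].lower().split(":"):
        raise ValueError("From header is not covered by the signature")
    return {
        "key_query": f"{t['s']}._domainkey.{t['d']}",   # DNS TXT name holding the public key
        "body_ok": hmac.compare_digest(t["bh"], body_hash(body)),
    }

# Constructed sample message body and header; b= is empty because no real key exists.
BODY = b"Hello  world \r\n\r\nRegards\r\n\r\n\r\n"
HEADER = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=s2024;\r\n"
          "\th=from:to:subject; bh=" + body_hash(BODY) + "; b=")

if __name__ == "__main__":
    print(check_dkim_header(HEADER, BODY))
```

A body that differs only in whitespace still passes, while any change to the wording makes body_ok false before the signature itself is even examined.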
I do wish they could scrap everything and start over, but email's too heavily entrenched in its current, insecure form to just rip out and throw away wholesale.
Seems to me that someone could come up with a different protocol to use concurrently with email (you could call it something like iMail) until the new protocol took hold – much like IPv4 and IPv6 are now being used.