DKIM : Java Glossary

home page go to the Java Glossary Home go to the Computer Buyer’s Glossary up jump to foot of page Google search web for more information on this topic
punctuation 0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z (all)
©1996-2013 2009-01-24 Roedy Green, Canadian Mind Products
DKIM
DKIM (Domain Keys Identified Mail) is an email authentication system designed to verify the DNS (Domain Name Service) domain of an email sender and the message integrity. In other words it is a digital signature system to ensure an email purporting to come from some ISP (Internet Service Provider) actually came from them, and was not tampered with. It does not verify the actual sender, however. This helps track down ISPs (Internet Service Providers) who harbouring spammers and phishers.

DKIM uses DNS-based self-certified keys. Because the scope of DKIM is limited, it does not need generalized, powerful, expensive, long-term certificates, issued by separate certificate authorities. The sender generates private/public key pair for the domain as if for SSL (Secure Sockets Layer). The sender broadcasts the public key to the Internet at large by registering it as a phony sub DNS name.

DKIM-signed messages don’t require the recipient to implement the signing protocol. Checking incoming mail is optional. It is implemented with an extra line in the header of the message of type DKIM-Signature that is usually ignored.

You might think the spammer could successfully spoof a domain simply by leaving the DKIM-Signature header off. But once the recipient knows that a domain supports DKIM, ever after he rejects all unsigned mail purporting to be from that domain. The spammer has to counterfeit a domain that does not sign with DKIM. That domain then becomes suspect, which encourages them to implement DKIM. If all goes well, everyone will eventually support DKIM, leaving the spammers no reputable domain to spoof.

authentication
digital signature
email
phishing
software supporting DKIM
spam
CMP homejump to top

available on the web at:

 http://mindprod.com/jgloss/dkim.html
  

optional Replicator mirror
of mindprod.com
on local hard disk J:

 J:\mindprod\jgloss\dkim.html
logo
Please email your , letters to the editor, errors, omissions, typos, formatting errors, ambiguities, unclear wording, broken/redirected link reports, suggestions to improve this page or comments to Roedy Green : feedback email. If you want your message, your name or email kept confidential, not considered for public posting, please explicitly specify that. Unless you state otherwise, I will treat your message as a letter to the editor that I may or may not publish in the feedback section. After that, it will be too late to retract it. If you disagree with something I said, especially when sending an ad-hominem attack, a rant composed mainly of obscenities or a death threat, please quote the offending passage and cite the web page where you found it, tell me why you think it is wrong, and, if possible, provide some supporting evidence. I can’t very well fix erroneous or ambiguous text if I can’t find it.
Blog
IP:[65.110.21.43]
Your face IP:[54.234.42.16]
You are visitor number 11.