[Cialug] DKIM

[Tom Pohl]

I use both DKIM and SPF on several domains (DKIM on all and SPF on  
*most*) and it has helped both reduce bounced spoofed From: messages  
as well as acceptance of legitimate email to other domains.

If you look at the headers of this message you'll see something like  
this:
Domainkey-Signature: 	a=rsa-sha1; q=dns; c=nofws; s=private;  
d=tcpconsulting.com; b=dPejcNrJ 
+qif0F5AxfMUx9mFL08Ge47QbTcMI1mfm9YwYzXzrFLl4z8HRofR3HUb;

The receiving mail server can determine if the signed message is  
legitimate by querying the TXT record of  
private._domainkey.tcpconsulting.com and verifying the signature  
against the public key available in DNS:
nslookup
 > set q=txt
 > private._domainkey.tcpconsulting.com
private._domainkey.tcpconsulting.com    text = "k=rsa\;  
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMEunZofNkSsGbXA5j3qGl3NpCc 
+qGVus6VsrYteHHYRluKc0wNcDefZkNVhewhxuwIDAQAB"

If it matches, you have validated that the message was sent from the  
sending domain legitimately.  It does *not* mean that it isn't spam,  
just that it is a legitimate message from the sending domain.

-Tom


On Dec 20, 2007, at 11:21 AM, Matthew Nuzum wrote:

> Anyone here using DKIM/DomainKeys? I just found out about this  
> today when I noticed I was getting e-mails from people and gmail  
> would say "signed by: ..."
>
> As I understand it, this is a signing system that helps avoid  
> spoofing e-mail origins. If so, it sounds like this sytem, if  
> broadly deployed, could seriously help identify spam. Does this  
> sound right?
>
> If a signed message is deemed to be spam, it should be much easier  
> to track down and solve the problem than it has been.
>
> It looks pretty easy to deploy too.
>
> -- 
> Matthew Nuzum
> newz2000 on freenode
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug