News

Email providers push DMARC email authentication to combat phishing

SearchSecurity.com Staff

A group of more than a dozen major email providers and technology giants have announced new email authentication standards that they say could help reduce spam and phishing.

    Requires Free Membership to View

Domain-based Message Authentication, Reporting and Conformance (DMARC) is being supported by Google, Facebook, LinkedIN and PayPal among others, with the hope that the technology can be adopted and scale. DMARC uses the SPF and DKIM mechanisms, which work on the basis of verifying sender IP addresses and domain names.

The working group intends to submit its DMARC specification to the IETF for standardization. The goal is to roll out the standard so service providers and enterprises can verify their support the domain key authentication specifications on their email servers. Under the standards, banks, e-commerce providers would attach a cryptographic digital signature to each message. Meanwhile email providers would verify IP addresses to block spam.

“A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes - such as junk or reject the message,” according to the working group.

The standard is also being rolled out to enable recipients report back to the sender whether the message failed to authenticate properly or other problems exist.

PayPal has been using SPF and DKIM with Yahoo since 2007. The company also works with Gmail to authenticate its emails. In addition to PayPal, the working group lists six other early adopters, including Google, LinkedIN, Return Path, American Greetings and Agari.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: