DomainKeys

In the Yahoo anti-spam system, an e-mail message would have the originating domain's private key securely embedded in its header. When the message arrives at its destination, the key can be compared to the stated domain's public key in the domain name system (DNS) listings to verify that it actually comes from where it says it comes from. Messages that originate from known sources of spam or from domains other than the one they claim to be from could be rejected by the recipient's server.

The Internet community is divided on whether or not the Yahoo effort is likely to work. For one thing, the software would have to be widely accepted to be successful. Furthermore, some critics believe if DomainKeys was broadly implemented it would lead to an unacceptable slowing of transmission due to the extra handling of each message. Another concern is that spammers could carry out replay attacks, in which the attacker intercepts messages, steals legitimate digital signatures, and then forges messages using them. However, such problems are not insuperable. Proponents argue that Yahoo has a potential solution to the spam problem in DomainKeys and that, with the ever-increasing glut of spam on the Internet, we should give even possible solutions a good trial before dismissing them.

There are a number of similar spam solutions proposed, including Sender Permitted From (SPF), the Designated Mailers Protocol (DMP), and Reverse Mail Exchange (RMX).

Read more about DomainKeys: - PC Magazine mentions Domain Keys in the article "Congress, Yahoo! Slam Spam." - BusinessWeek online explores some of the criticisms of DomainKeys in the article "Yahoo's Risky Antispam Gambit." - Broadband Reports.com has more information and a discussion about the DomainKeys dispute.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Application and Platform Security,   Email Protection,   Email and Messaging Threats (spam, phishing, instant messaging),   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT How to prevent brute force webmail attacks Expert Sherri Davidoff explains why brute-force attacks on webmail accounts are such a popular hacking technique. Unified communications: Securing a converged infrastructure With so many different communications systems being combined, it can be tough to know where to start when it comes to security. In this video, John... Chained Exploits: How to prevent phishing attacks from corporate spies Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt, learn how to keep corporate spies at bay.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary CAPTCHA  (SearchSecurity.com) A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a test, used with challenge-response systems, that's... challenge-response system  (SearchSecurity.com)