In a combined effort to fight spam, Yahoo and Cisco Systems have announced an
authentication technology designed to combat e-mail forgery by verifying the address of origin
of e-mail messages.
The combined technology solution will be called DomainKeys Identified Mail (DKIM),
Domain-Keys from Yahoo And Internet identified mail from Cisco. DKIM is a unified e-mail
authentication proposal that enhances consumer protection from e-mail forgery, and
enhances accountability for spam and phishing scams.
This approach uses public key cryptography to allow users to verify and maintain message
integrity, and identifies legitimate messages.
DKIM uses the Internet's Domain Name System (DNS) in the same manner as DomainKeys.
DKIM also leverages Identified Internet Mail's header-signing technology, ensuring signature
consistency as messages are sent through the network.
The benefits of signing e-mail using DKIM can be significant for companies that commonly
send transactional e-mail to consumers, such as banks, utilities, and e-commerce services.
Yahoo has developed and implemented DomainKeys technology in an effort to address the
growing threat of e-mail forgery. DomainKeys leverages public-key cryptography to verify the
sender of an e-mail message at the domain level. A sending system uses a private key to
generate a signature and inserts the signature in the e-mail header; and the receiving e-mail
system uses the public key, published in the Internet's Domain Name System, to verify the
signature of the e-mail.