- Home
- Products
- Services
- Solutions
- Asterisk Consulting | Open Source PBX Solution | VoIP Consulting
- Customer Relationship Management Solutions
- Embedded Linux Solutions
- Load Balancing High Volume Solutions
- MySQL | MySQL Clustering | SQL Database Consulting
- Open VPN Solution, Low cost VPN Solution, Open source VPN solution
- Enterprise Email
- Instant Messaging
- Security Firewall
- Network Optimization
- Server Migration
- Thin Client Solutions
- Support
- Training
- Resources
- About Open Source
- Beginning Asterisk Handbook
- Myths of VoIP Communication
- Step by Step Yahoo DomainKeys Implementation Howto on Debian Linux
- Benifits Of Linux In Business
- Benifits Of Linux In Open Source
- Linux Now
- Linux Vs Windows
- Linux for S/390 and the virtual server concept
- Minimize cost Of Ownership
- Why Migrate To Linux
- News
Our Brochure
Easy way to get the answers you need.
AntiSpam - Yahoo! DomainKeys Implementation Guide
What is DomainKeys ?
DomainKeys is a technology proposal that can bring black and white back to this decision process by giving email providers a mechanism for verifying both the domain of each email sender and the integrity of the messages sent (i.e,. that they were not altered during transit). And, once the domain can be verified, it can be compared to the domain used by the sender in the From: field of the message to detect forgeries. If it's a forgery, then it's spam or fraud, and it can be dropped without impact to the user. If it's not a forgery, then the domain is known, and a persistent reputation profile can be established for that sending domain that can be tied into anti-spam policy systems, shared between service providers, and even exposed to the user.
Who benefits from DomainKeys ?
For well-known companies that commonly send transactional email to consumers, such as banks, utilities, and ecommerce services, the benefits of verification are more profound, as it can help them protect their users from "phishing attacks" - the fraudulent solicitation for account information, such as credit card numbers and passwords, by impersonating the domain and email content of a company to which users have entrusted the storage of these data. For these companies, protecting their users from fraud emails translates directly into user protection, user satisfaction, reduced customer care costs, and brand protection.
What is Phishing ?
Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.
Read more about Phising here.
Founder of Enterux are members of the AntiPhising Work Group - APWG and are actively participating to report and minimize phising attempts.
How DomainKeys Works ?
How it Works - Sending Servers
There are two steps to signing an email with DomainKeys:
- Set up: The domain owner (typically the team running the email systems within a company or service provider) generates a public/private key pair to use for signing all outgoing messages (multiple key pairs are allowed). The public key is published in DNS, and the private key is made available to their DomainKey-enabled outbound email servers. This is step "A" in the diagram to the right.
- Signing: When each email is sent by an authorized end-user within the domain,
the DomainKey-enabled email system automatically uses the stored private key
to generate a digital signature of the message. This signature is then pre-pended
as a header to the email, and the email is sent on to the target recipient's
mail server. This is step "B" in the diagram to the right.
How it Works - Receiving Servers
There are three steps to verifying a signed email:
- Preparing: The DomainKeys-enabled receiving email system extracts the signature
and claimed From: domain from the email headers and fetches the public key from
DNS for the claimed From: domain. This is step "C" in the diagram to the right. - Verifying: The public key from DNS is then used by the receiving mail system
to verify that the signature was generated by the matching private key. This
proves that the email was truly sent by, and with the permission of, the claimed
sending From: domain and that its headers and content weren't altered during
transfer. - Delivering: The receiving email system applies local policies based on the
results of the signature test. If the domain is verified and other anti-spam
tests don't catch it, the email can be delivered to the user's inbox. If the
signature fails to verify, or there isn't one, the email can be dropped, flagged,
or quarantined. This is step "D" in the diagram on the right.
In general, Yahoo! expects that DomainKeys will be verified by the receiving email
servers. However, end-user mail clients could also be modified to verify signatures
and take action on the results.
For more details regarding Yahoo! DomainKeys click here
If you require specilized consulting on Implementing DomainKeys on your server fill out the form here
If you require Hosting on Yahoo! DomainKeys Enabled Email Server kindly contact us