One of the key challenges for email users today is whether or not they can trust that the email they receive is not a scam (i.e. phishing). It is also important to understand what a sender should be doing to help bring trust back to email through sender authentication. My previous column in SecurityWeek highlighted best practices for implementing DomainKeys Identified Mail (DKIM) as a receiver of email. Now, in this latest SecurityWeek column, I focus on sender authentication, a set of technologies that help bring trust back to email.
Here’s a highlight of the best practices for sender of email (DKIM signers) that I focus on in this column:
- Sign all your mail
- Delegate keys to third-parties
- Use the test flag when first implementing DKIM
- Do not expect user-level signing to work
Companies that implement these best practices along with compliance with CAN-SPAM, and comply with message and connection rates, will see deliverability of their email increase. My contributed column, “Deploying DKIM for Increased Email Deliverability”, in SecurityWeek can be viewed here.
Hope you have the time to read the article and if you have any further questions on this topic, feel free to comment below.