Saturday, February 2, 2008

State of e-mail authentication

Authentication And Online Trust Alliance has published a report that reviews current situation of e-mail authentication among large companies and ogranizations. The report says that more than a half of all e-mail is authenticated. What does this mean?

Authentication of the sender is an important step in fight against unauthorized e-mail. Now, when so much e-mail is authenticated, it's vital that the verification takes place on all stages of e-mail processing, and that e-mail is handled properly (this includes acceptance of the valid authenticated e-mail and lowering the weight of other factors when e-mail is authenticated right).

The most widespread authentication mechanisms are Sender ID (formerly SPF) and DKIM (formerly DomainKeys).

The report itself can be found here.

You will find lots of useful information, related to authentication schemes, their supporters etc. in this report.

MIMEBlackbox package of SecureBlackbox includes both signing and verification of DKIM-signed e-mails.

No comments: