Authenticating the Most Important Messages

Posted by J.D. Falk on

A few weeks ago, in Don’t Make It Easy For The Phishers, we explained how you can use DKIM to ensure that all inbound mail which purports to be from your domain is real — and configure your filters to treat all other messages suspiciously.

In the real world, however, things can be a bit more complicated. Legitimate third parties — Salesforce, social networks, the third-party benefit sites favored by HR departments — forge your domain in mail to your users all the time. Keeping track of each of these can be impossible. Worse, in an ISP environment, you don’t really have that much control over what your users send.

But that doesn’t mean you can’t still gain some benefit from DKIM.

An easy approach is to separate your mail into multiple categories, or streams, each signed with a different key and identified with a different d= value in its DKIM signature. For example, you could have d=official.example.net for official corporate messages, d=users.example.net for the general userbase, delegate d=promotions.example.net to an ESP for marketing activities, and so forth.

And if you control your users’ mail interface, you can set up filters and rules to highlight these official messages; that way, if they get a message that claims to be official yet doesn’t have the highlighting, they’ll know to be suspicious.
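As an added illustration (not code from the original article or from Return Path), here is one way a mail interface could decide which messages to highlight, using the per-stream d= values described above. It assumes your inbound verifier records its DKIM verdict in an Authentication-Results header under the hypothetical authserv-id mx.example.net, and it matches the common "dkim=pass header.d=..." form of that header.

```python
import re
from email import message_from_string

# Stream domains are the article's examples; the authserv-id is a hypothetical
# name for your own inbound verifier (the host that checks DKIM signatures).
STREAMS = {
    "official.example.net": "official",
    "users.example.net": "users",
    "promotions.example.net": "promotions",
}
TRUSTED_AUTHSERV_ID = "mx.example.net"

DKIM_RESULT = re.compile(r"\bdkim=(\w+)\b([^;]*)", re.I)
HEADER_D = re.compile(r"\bheader\.d=([\w.-]+)", re.I)


def classify_stream(raw_message, authserv_id=TRUSTED_AUTHSERV_ID):
    """Return the stream label of a verified signature, else 'unverified'."""
    msg = message_from_string(raw_message)
    for value in msg.get_all("Authentication-Results", []):
        serv_id, _, results = " ".join(str(value).split()).partition(";")
        tokens = serv_id.split()
        # Anyone can type this header into a message, so only believe the
        # copy stamped by our own verifier.
        if not tokens or tokens[0].lower() != authserv_id:
            continue
        for result, props in DKIM_RESULT.findall(results):
            domain = HEADER_D.search(props)
            if result.lower() == "pass" and domain:
                label = STREAMS.get(domain.group(1).lower())
                if label:
                    return label
    return "unverified"


def sample_message(auth_results):
    """Build a constructed test message with one Authentication-Results header."""
    return (f"Authentication-Results: {auth_results}\n"
            "From: IT Helpdesk <helpdesk@example.net>\n"
            "Subject: Official notice: password policy\n\nbody\n")


if __name__ == "__main__":
    for ar in ("mx.example.net; dkim=pass header.d=official.example.net",
               "mx.example.net; dkim=fail header.d=official.example.net",
               "relay.example.org; dkim=pass header.d=official.example.net"):
        stream = classify_stream(sample_message(ar))
        print(f"{stream:<11} highlight={stream == 'official'}  <- {ar}")
```

The highlight decision rests on the verifier's recorded result, never on a d= value read straight from a DKIM-Signature header, which any sender can write. The border MTA should also strip inbound Authentication-Results headers that already carry your authserv-id, as RFC 8601 recommends, so that only your verifier's copy reaches this check.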

Whether you use one d= string or many, Return Path’s Domain Assurance tool can help you monitor what those (and other) messages are doing. Our monitoring dashboard will show you which mail streams have authentication set up correctly, and which don’t — and which external streams, claiming to be you, need to be brought under control. Contact us for more info, and be sure to mention this article.

