Microsoft tests DKIM and ADSP

Posted by J.D. Falk on

Paul Midgen, an engineer at Microsoft, recently shared some of the thinking behind Hotmail’s adoption of DKIM and ADSP with the IETF working group responsible for finalizing DKIM and related standards.

Primarily, he explained, “we implemented DKIM to offset the impact of well-known SPF false-failure scenarios.” So when an SPF/SenderID check fails — about 1.5% of their inbound traffic — they’ll look at DKIM also. If the SPF or SenderID check succeeds, they won’t.

Like SenderID, Microsoft’s DKIM implementation is further restricted to when the author domain (the domain in the email address in the From: header) matches the signing domain (the d= string in the signature.) So in effect, this is an ADSP-only version of DKIM.

(We’ve discussed ADSP in detail here and here.)

Even within those boundaries, ADSP is rare. Only 2% of their inbound mail is from domains that publish a “discardable” policy, and 0.02% publish “all”; the rest are either explicitly “unknown” or have no ADSP record at all.

Paul insists that “Hotmail’s use of DKIM+ADSP should not be interpreted as a political statement”, and that they’re “still experimenting with the two standards”.

For the next phase of the experiment, Microsoft plans to start verifying DKIM signatures for “all non-passing SPF results, or ~49% of total inbound volume.”


Popular this Month

 3 Trends Impacting Email: Persistent Fraud, Part 2

3 Trends Impacting Email: Persistent Fraud, Part 2

In part one of this three-part series, I examined the evolving landscape of...

Read More

 The Top 16 Topics of 2016

The Top 16 Topics of 2016

2017 is finally here! But before we focus on the year ahead, we wanted to...

Read More

 Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Think Fighting Email Fraud is Someone Else’s Job? Here’s the Real Cost of Doing Nothing.

Cyberattacks against your brand can be very damaging and costly to both your...

Read More

Author Image

About J.D. Falk

Author Archive

Stay up to date

Enter your name and email address below to subscribe to our mailing list.

Your browser is out of date.
For a better Return Path experience, click a link below to get the latest version.