Friday, January 7, 2011

Google Apps adds e-mail signing to stop the scams....

Google has made it possible for Google Apps customers to sign their outgoing e-mail using a technology called DomainKeys Identified Mail (DKIM) that makes it easier to ensure a sender is who he or she says he is.

Google has been using DKIM since 2008 to show Gmail users when incoming mail really is from PayPal and eBay--two major brand names often caught up in spoofed e-mails used in phishing attacks. Now the technology is available more broadly and for the e-mail Google Apps users send.

"Today...we're making it possible for all Google Apps customers to sign their outgoing messages with DKIM, so their sent mail is less likely to get caught up in recipients' spam filters. Google Apps is the first major e-mail platform--including on-premises providers--to offer simple DKIM signing at no extra cost," said Adam Dawes, a Google Enterprise product manager.

"As more e-mail providers around the world support DKIM signing, spam fighters will have an even more reliable signal to separate unwanted mail from good mail," he added. "E-mail authentication is an important mechanism to verify senders' identities, giving users a tool to recognize potential spam messages. In addition, many mail systems can display whether a received message is DKIM-verified, which helps spam filters verify and assess the overall reputation of the sender's domain: messages from untrusted senders are treated more skeptically than those from good senders."

In addition, Google yesterday added an option to Google Apps that lets administrators restrict who may send e-mail and to whom. "For example, school faculty and staff can have unrestricted e-mail access while students have the freedom to send and receive e-mails within the school community but are protected from unwanted e-mail interactions with outsiders," Dawes said.
An e-mail signed by its sender with DKIM gets a "signed by" line in Gmail as an assurance it's authentic.
An e-mail signed by its sender with DKIM gets a "signed by" line in Gmail as an assurance it's authentic.

No comments:

Post a Comment