Domain Keys / DKIM
This page is about Domain Keys (offsite link), the Yahoo sponsored solution to try to limit spam and phishing. The latest specification uses an enhanced version called DKIM (offsite link) which stands for Domain Keys Identified Mail. The rest of this document will refer to them collectively as DK/DKIM.
DK/DKIM works by having mail servers "sign" emails that it sends with a cryptographic signature. This signature is not normally visible to you when reading an email, so your emails will appear the same to you. If the signature fails to check out when it's received by the recipient's mail server, the DK/DKIM service on your mail server will take some action. DK/DKIM is in a very early stage of design and implementation. Typically, the action is to accept an email even if it fails the DK/DKIM check. This configuration is subject to change as more servers on the internet start to implement this capability.
DK/DKIM is not a technology that is going to eliminate spam completely. Rather, it is a tool in an ISP's arsenal to detect spam that is from someone other than who it claims to be. It is but one tool of many that must be used to increase the verifiability of a received or sent email.
Currently, Ivenue is researching DK/DKIM implementations and management. The system has just begun being designed, it is not yet ready for live customer usage.