DomainKeys – spammer’s new BFF?

My pet peeve is Yahoo!’s ability (or lack thereof) to filter spam effectively because even legitimate emails using DomainKeys Identified Mail (DKIM) are being routed to the spam folder while spam’s going to my Inbox. As if this wasn’t bad enough, even spammers have started using DKIM, thereby rendering this authentication method useless.

The way DKIM works is that it allows verification of the domain that an email originated from, so a spammer can’t use a fake email address. However, this system is seriously flawed as I realized recently because now even spammers use it. Here’s an example:

yahoo_dkim

Both Yahoo and Google use DKIM email authentication protocol to ensure legitimate emails are delivered but spam is blocked. But if this protocol is so easy to manipulate that even spammers have started using it,  then what’s the point of authentication?

Advertisements

2 responses to “DomainKeys – spammer’s new BFF?

  1. Here’s another point on the uselessness of Domain Keys… From the Plesk Manual; All messages, sent from the domains that use DomainKeys to sign e-mail, which fail verification will be discarded. All messages, sent from the domains that do not participate in the DomainKeys program and do not sign e-mail, will be accepted without verifying.

    So, if you do use DK and something goes wrong, your mail is discarded. If you don’t use DK your email will be accepted without any questions.

    I think I must be missing something here. This just can’t be as stupid as it seems.

    • As much as I would like to just blame it on sheer ignorance but on closer scrutiny, it really seems to be as stupid as that, hence my rant/post on this. I don’t think the geniuses who set it up were exactly thinking it through.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s