The Business Case for DomainKeys Identified Mail - PowerPoint PPT Presentation

1 / 15
About This Presentation
Title:

The Business Case for DomainKeys Identified Mail

Description:

Fighting Spam & Email Abuse Requires a Multi-Faceted Approach ... gets legitimately forwarded: (Yahoo!, EarthLink, Comcast, Juno, Mail.com, SBC, ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 16
Provided by: milesl1
Category:

less

Transcript and Presenter's Notes

Title: The Business Case for DomainKeys Identified Mail


1
The Business Case for DomainKeys Identified Mail
2
Fighting Spam Email Abuse Requires a
Multi-Faceted Approach
DomainKeys Identified Mail is part of a
multi-faceted approach to protect consumers
against spam and phishing scams.
Industry collaboration effortsCisco, Sendmail,
PGP, AOL, IBM, and others worked together to
submit DKIM to IETFLegislation and
litigationYahoo! has filed several lawsuits
against spammerIncreasing consumer
awarenessConsumer information available at
http//antispam.yahoo.com and http//security.yaho
o.comEnhanced technologiesContent filters,
virus protection, sender reputation and
accreditation
3
The State of Email Market Situation
  • Worldwide email market 465 million monthly
    users(comScore Media Metrix, 12/2005)
  • The original design of email makes email forgery
    and spoofing easy for spammers
  • The most egregious email abuse phishing and
    online identity theft

4
The Proliferation of Phishing Attacks
  • Gartner Study Increased Phishing and Online
    Attacks Cause Dip in Consumer Confidence (survey
    of 5,000 adults, 6/05)
  • 2.42 million US adults report losing money due to
    phishing attacks
  • In 2004 and 2005, 11 million phishing e-mail
    recipients clicked on the links (or about 15
    percent this year and 19 percent last year)
  • More than 80 percent of online consumers say that
    their concerns about online attacks have affected
    their trust in e-mail from companies or
    individuals they dont know personally.
  • Forrester Study Phishing Spreads Among Consumers
    (9/05)
  • 14,000 phishing attacks were reported to the
    Anti-Phishing Working Group from April to Sept
    2005
  • According to the APWG, the number of unique key
    logging Web sites increased 125 from April to
    Sept 2005
  • 86 of phishing attacks target the financial
    services industry

5
Why Yahoo! Mail is Involved
  • Yahoo! Mail is the largest Web mail provider in
    the US and in the world
  • 231 million monthly unique users
    worldwide(comScore MediaMetrix, 12/06)
  • Yahoo! provides email for
  • SBC/ATT
  • Verizon
  • British Telecom
  • Rogers Cable
  • Bell South
  • 100,000s of small business
  • and personal domains

6
Sender Reputation Based on IP Address
  • Numerous headaches with IP reputation (pre-domain
    authentication)
  • Maintenance
  • Senders forget to communicate (or even realize)
    IP address changes
  • ISPs end up relying on end user reports
  • Email Service Providers and shared IP addresses
  • Forwarding
  • 80 of forwards traffic is spam ? Poor reputation
  • Extremely hard to distinguish legitimate wanted
    forwarded mail from forgeries
  • ISP are between rock and a hard place protect
    user from phishing and other forgeries or yield
    false positives
  • Marketers send TONS of mail that gets
    legitimately forwarded (Yahoo!, EarthLink,
    Comcast, Juno, Mail.com, SBC, )
  • Users dont know or care about IP addresses
  • Marketers dont care about IP addresses

7
Sender Reputation Based on Domains
  • DomainKeys was developed to solve these issues
  • Low maintenance for sender and ISP
  • Many domains can share the same IP address
    without sharing the same reputation
  • Survives forwarding
  • Users know about domains
  • Companys domain is (or should be) a prime brand
    attribute to marketers

8
Key Benefits of DomainKeys
  • ISP can measure the correct reputation
  • ISP can help you protect your brand
  • Reduce sender reputation maintenance
  • Protect email users from forgery

9
Implementation Costs
  • CPU Cost
  • Sendmail study shows 8-16 mail server software
    CPU increase
  • Several major ISPs and senders have not needed to
    add additional hardware
  • Several royalty free software implementations
    available
  • ESPs are beginning to implement
  • DNS infrequent updates required

10
Implementation Costs Licensing
  • Patent license designed to allow freedom to
    operate, while protecting the industry
  • Royalty free
  • Sub-licensable
  • Perpetual unless you sue Yahoo! or other
    implementer over DomainKeys
  • No registration required
  • GPL (GNU General Public License)

11
How Yahoo! is using DomainKeys
  • Signing and verifying email using DomainKeys
  • Expect to begin using DKIM as specification
    stabilizes
  • Showing positive verification results to users
  • Skipping some antispam filters
  • Especially forgery detection
  • Filters that get fooled by forwarding most often
  • Not guaranteed inbox delivery!
  • Working on providing complaint feedback loops for
    signed mail
  • Continued integration into sender reputation
    systems

12
How it works Sending Servers
  • Set up The domain owner (typically the team
    running the email systems within a company or
    service provider) generates a public/private key
    pair to use for signing all outgoing messages
    (multiple key pairs are allowed). The public key
    is published in DNS, and the private key is made
    available to their DomainKey-enabled outbound
    email servers. This is step "A" in the diagram to
    the right.
  • Signing When each email is sent by an authorized
    end-user within the domain, the DomainKey-enabled
    email system automatically uses the stored
    private key to generate a digital signature of
    the message. This signature is then pre-pended as
    a header to the email, and the email is sent on
    to the target recipient's mail server. This is
    step "B" in the diagram to the right.

13
How it works Receiving Servers
  • Preparing The DomainKeys-enabled receiving email
    system extracts the signature and claimed From
    domain from the email headers and fetches the
    public key from DNS for the claimed From domain.
    This is step "C" in the diagram to the right.
  • Verifying The public key from DNS is then used
    by the receiving mail system to verify that the
    signature was generated by the matching private
    key. This proves that the email was truly sent
    by, and with the permission of, the claimed
    sending From domain and that its headers and
    content weren't altered during transfer.
  • Delivering The receiving email system applies
    local policies based on the results of the
    signature test. If the domain is verified and
    other anti-spam tests don't catch it, the email
    can be delivered to the user's inbox. If the
    signature fails to verify, or there isn't one,
    the email can be dropped, flagged, or
    quarantined. This is step "D" in the diagram on
    the right.

14
Domains from which Yahoo! has received a
DomainKeys signed email
15
  • More information and specification
  • http//antispam.yahoo.com/domainkeys
  • Tools for deployment
  • http//domainkeys.sourceforge.net
Write a Comment
User Comments (0)
About PowerShow.com