Test Finds DomainKeys' Cost Less Than Expected

Share this content:
In the first test of Yahoo's e-mail authentication technology, e-mail system provider Sendmail found the cryptographic system would cost less to deploy than some have thought.


Sendmail found in initial benchmark testing of the DomainKeys mail filter that performance was "well within expected norms." The process required 7.8 percent more computer-processing power on outbound e-mail. Sendmail said that would make DomainKeys 10 times less cumbersome than typical spam filters. Sendmail's testing team found their servers using DomainKeys could deliver more than 100 pieces of mail per second.


Greg Olson, executive vice president of development at Sendmail, said the tests, though still early, showed that DomainKeys holds real promise as a robust, cost-efficient method of establishing a secure identity of e-mail messages.


"My view is that's a small cost to pay for the improved security," he said. "I think it's a strong competitor for e-mail authentication."


Sendmail, Emeryville, CA, which makes open source e-mail delivery systems, began testing e-mail authentication technologies in March. Sendmail is testing DomainKeys and Sender ID, the combined Microsoft and Sender Policy Framework standard. The tests evaluate e-mail authentication solutions for their effect on user experience, ease of implementation and security.


"We need real-world data about how well both of them are working," said Miles Libbey, anti-spam product manager at Yahoo.


DomainKeys is a public-private encryption system that assigns e-mail messages a digital signature in the header containing a private key. Receivers would match up the private key with a public key each Internet domain would register with the Internet's Domain Name System. The receiving servers match up the two keys to determine whether an incoming message is valid and whether the content has been changed.


Sender ID is the combined standard of Microsoft's authentication protocol and Meng Wong's open-source SPF technology. Sender ID is thought to be easier to implement, because it only requires senders to register their servers in their domain name records. DomainKeys, however, is thought of as the more sophisticated solution because it authenticates the entire message, not just the sender.


"It's good news," Meng Wong said of the Sendmail test. "It means crypto solutions won't be as expensive as we'd feared."


The test also found DomainKeys used 15.2 percent more processing power for inbound messages, which Olson said would be similar for Sender ID because both need to check Domain Name System records.


The need for e-mail authentication systems has risen along with the influx of so-called phishing scams, where scammers send messages made to look like they are from financial institutions to obtain passwords and banking information. Thanks to a flaw in the current e-mail architecture, e-mail from addresses can be changed easily. A May report by researcher Gartner Group estimated phishing attacks cost U.S. businesses $1.2 billion last year.


"Phishing is out of control," Olson said. "This can shut that down right away."


The extent of the problem has spurred some cooperation. In June, Yahoo joined Microsoft, AOL and EarthLink in an agreement to test both e-mail authentication technologies, though the ISPs did not commit to implementation of either of the dominant proposals or provide a roadmap for a single standard.


Sender ID has gained momentum as a near-term authentication protocol. More than 19,000 domains now publish SPF records and about 20 e-mail sending products support it, according to Wong. The Direct Marketing Association plans an online seminar Aug. 18-19 to instruct members about how to comply with the standard. The E-mail Service Provider Coalition and Microsoft are holding a meeting in Redmond, WA, today to educate commercial e-mailers about Sender ID. More than 100 participants are expected.


Libbey said Yahoo's focus would remain on testing and developing DomainKeys, which it plans to implement by the end of the year. He objects to the notion that the implementation of DomainKeys should come after Sender ID, since only real-world use of both will reveal their strengths and weaknesses.


"This test shows we can add strong authentication solutions to e-mail, like DomainKeys, and have minimal impact to the scalability of the system," he said.


Both Sender ID and DomainKeys are under review by the Internet Engineering Task Force, the standards body for the Internet. Last week, Yahoo met with the task force in the first step toward forming a working group that will evaluate DomainKeys as a potential industry standard and suggest changes to the specification. Yahoo also has released an open-source, royalty-free add-on of DomainKeys for mail transfer agents at domainkeys.sourceforge.net.


close

Next Article in Digital Marketing

Sign up to our newsletters

Company of the Week

Brightcove is the world's leading video platform. The most innovative and respected brands confidently rely on Brightcove to solve their most demanding communication challenges because of the unmatched performance and flexibility of our platform, our global scale and reliability, and our award-winning service. With thousands of customers and an industry-leading suite of cloud video products, Brightcove enables customers to drive compelling business results.

Find out more here »

Career Center

Check out hundreds of exciting professional opportunities available on DMN's Career Center.  
Explore careers in digital marketing, sales, eCommerce, marketing communications, IT, data strategies, and much more. And don't forget to update your resume so employers can contact you privately about job opportunities.

>>Click Here

Relive the 2017 Marketing Hall of Femme

Click the image above