Re: Seeking insight into DKIM implementation

[Brett Wasley <brett.wasley () GALLAUDET EDU>]

Many thanks Ken. You've confirmed my suspicions about DKIM as DKIM alone is
not a good basis for spam detection. I will look into message reputation
services a bit more for a more robust solution.

On Thu, Jun 18, 2015 at 9:48 AM, Ken Connelly <ken.connelly () uni edu> wrote:

> The intent of DKIM (and its cousin, SPF) is to prevent blatantly forged
> email messages from receipt.  It's up to the recipient system to utilize
> those checks (or not).  Neither, however, have any effect on mail sent
> from phished users who have given away their authentication credentials
> to the dark side.  Gmail would like you to believe that implementing
> DKIM is the grand solution to spam, but in reality, it's only a single
> stepping stone.
>
> - ken
>
> On 6/18/15 7:27 AM, Brett Wasley wrote:
> > Greetings from Gallaudet University,
> >
> > We are using Gmail and due to the number of phishing attacks that have
> > occurred recently we are discussing implementing DKIM as suggested by
> > Google.
> >
> > One of the biggest "cons" of DKIM as I understand it is it has
> > prevented users from sending messages on behalf of their address from
> > sites outside of Gmail. In other words DKIM is an added layer of
> > passive authentication, validating the sending/relaying mail server is
> > approved.  If this sending-server reputation check fails, the message
> > can be tagged as spam and/or deleted and/or not accepted.  (ex. A
> > message from a gallaudet.edu <http://gallaudet.edu> address must be
> > from a mail server that is an authorized relay.)
> >
> > Those of you that have DKIM implemented is this a problem and if so,
> > how did you mitigate it? Are there better options for Gmail users
> > (other than turning on 2-factor authentication)?
> >
> > Many thanks in advance for your replies.
> >
> > --
> > Brett Wasley, CISSP
> > Information Security Officer, Gallaudet Technology Services
> > Gallaudet University
> > 800 Florida Ave., NE
> > Washington, D.C. 20002-3695
> > 202.651.5203 (voice) 410.507.2595
> > brett.wasley () gallaudet edu <mailto:brett.wasley () galluadet edu>
>
> --
> - Ken
> =================================================================
> Ken Connelly             Associate Director, Security and Systems
> ITS Network Services                  University of Northern Iowa
> email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373
>
> Any request to divulge your UNI password via e-mail is fraudulent!



-- 
Brett Wasley, CISSP
Information Security Officer, Gallaudet Technology Services
Gallaudet University
800 Florida Ave., NE
Washington, D.C. 20002-3695
202.651.5203 (voice) 410.507.2595
brett.wasley () gallaudet edu <brett.wasley () galluadet edu>