this post was submitted on 02 Apr 2024
171 points (95.7% liked)
Technology
59135 readers
2532 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
DKIM is the standard for verification right now. This isn't an anti-competition play. I manage DKIM records for my clients all the time. Yahoo, SB global, and At&t enforced DKIM requirements a few months back and it's been a headache but it has made a huge difference in spam emails.
For anyone who doesn't know what DKIM is, it's a method of an email provider getting a sort of green flag from the host domain name. So if you have an email address whatever@mybusiness.com and your email provider is Microsoft 365 and your domain provider is goDaddy, Microsoft says to goDaddy, "hey I'm sending this email, can you verify that I have permission to send from the domain my business.com?" And go daddy checks for DKIM records from Microsoft and sees it and says "yes sir, this is approved." Then M365 sends the email, and if the recipient requires DKIM to receive the email at whomever@yahoo.com, Yahoo looks at the domain and asks, "hey goDaddy, it says you host this, is this email legit?" And goDaddy says "yep it's all legit, give it to the recipient."
This effectively eliminates messages sent from a domain without DKIM records as well as spoofed emails because those spoofed emails never checked in when sending.
I appreciate the skepticism but this is a security play, not a business one.
Alright thanks for the clarification, I learned something new today