Ars Technica on Yahoo's Domain Keys

Yahoo has started using its Domain Keys and Ars Technica is there to tell us about it.

DomainKeys is a technology developed by Yahoo! that has its basis in public-key encryption. The basic theory is that a hash of the e-mail's body is encrypted with the mail server's private key, encoded as Base64, appended to the message as a normal mail header field then transmitted along with the plaintext e-mail. At any point along the message's transmission, a system can request the mail server's public key from a DNS server and decrypt the hash and compare it against the message's text. Any interim machine or your local mail client can decide what to do with the message based on the outcome of the comparison, or more likely, use the results as a weighted factor in the decision to discard or retain the message.

Note that these Domain Keys, as well as the Sender ID and SPF type concepts do have anti-spam uses, but they are not solely designed for stopping spam. They are designed to make it so that you can't fake where you sent the e-mail from (something spammers do, but also viruses and phishers).

Posted by Eric at November 17, 2004 10:16 AM | TrackBack