Domain Keys Explained
19th May 2004
Via Jeremy Zawodny,, Yahoo’s Anti-Spam Resource Center have published an explanation of their proposed Domain Keys spam fighting technique. At first glance it looks very promising. There’s no centralised authority, no requirements for changes to existing protocols and the central concept is extremely easy to understand. Essentially, mail servers generate a public/private key pair and sign outgoing messages with the private key, while publishing the public key as part of their DNS record. Because only they can publish to their public key in this way the signature can be used to confirm that the sender of the email has not been spoofed. The presence or lack of a signature can be used as part of the process of identifying spam.
The FAQ covers all the bases I could think of, and explains how Domain Keys can help fight phishing attacks as well.
More recent articles
- Weeknotes: datasette-enrichments, datasette-comments, sqlite-chronicle - 8th December 2023
- Datasette Enrichments: a new plugin framework for augmenting your data - 1st December 2023
- llamafile is the new best way to run a LLM on your own computer - 29th November 2023
- Prompt injection explained, November 2023 edition - 27th November 2023
- I'm on the Newsroom Robots podcast, with thoughts on the OpenAI board - 25th November 2023
- Weeknotes: DevDay, GitHub Universe, OpenAI chaos - 22nd November 2023
- Deciphering clues in a news article to understand how it was reported - 22nd November 2023
- Exploring GPTs: ChatGPT in a trench coat? - 15th November 2023
- Financial sustainability for open source projects at GitHub Universe - 10th November 2023
- ospeak: a CLI tool for speaking text in the terminal via OpenAI - 7th November 2023