It’s been a while since I’ve tinkered with sending authenticated emails. Recently, I’ve been tasked with doing just that in order to decrease chances of emails landing into spam box. Integrating DKIM has become surprisingly easy to what I have done some 5 years ago with cy-Mall. What has surprised me even more are the tools available to validate the authentication of the emails sent. I was able to validate my emails’ spf, domainkeys, and dkim with some detailed information to help me debug.
I am very happy to report that all my emails going out are DKIM and SPF validated, where I have found DomainKey to be reduntant. DomainKeys do not seem to be supported by the majority of top email providers, their signature being nearly identical to DKIM (except that only headers are signed). Email providers are now reporting my emails to be whitelisted and have followed up with those email providers to ensure everything was done to remain on their whitelists.
With all that said and done, one lingering question remains. Why does ICANN not provide more options to cut down on spam and ensure the validaty of emails. Its been said that the majority of emails going through the internet today are spam. After going through setting up DNS entries for DomainKeys, DKIM and SPF, makes me wonder why they aren’t setup by default. Beyond that, provide additional settings to force signed emails from that domain or have email providers reject non-signed emails. This could very well help with cutting down phishing, who like to send emails (or make it seem like they do) from other domains.
Perhaps a crazy idea, but wonder what stops them from doing it.