The problem with DomainKeys Identified Mail

Wired has been discussing an emerging email security vulnerability this month.

The problem lies with DKIM keys (DomainKeys Identified Mail). DKIM involves a cryptographic key that domains use to sign e-mail originating from them — or passing through them — to validate to a recipient that the domain in the header information on an e-mail is correct and that the correspondence indeed came from the stated domain. When e-mail arrives at its destination, the receiving server can look up the public key through the sender’s DNS records and verify the validity of the signature.

Learn more from the article, and ask your hosting company if they use strong — 1024-bit — DKIM. Why?

A hacker who cracks a DKIM key can use it to send out phishing attacks to victims to trick them into believing that a fake e-mail is actually a legitimate e-mail from their bank or another trusted party. Such phishing attacks can be used to trick users into handing over the login credentials to their bank or e-mail account.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.