DKIM-based CertifiedEmail SDK

Goodmail Systems released the first DKIM-based CertifiedEmail software development kit (SDK). DKIM is an emerging cryptography-based standard for email authentication that enables email receivers to verify what internet domain is responsible for a message.

CertifiedEmail is now the only closed-loop DKIM-based solution in which each individual message is certified, signed, and monitored by a trusted third party. So not only must the domains of CertifiedEmail senders be authenticated through DKIM, but they are also subject to processes that prevent those domains from spreading spam, phishing and malware. Fraudsters may use DKIM to authenticate their lookalike domains, but their spam, phishing and worms will never carry the distinctive CertifiedEmail icon.

Standalone DKIM email authentication – even implemented in its most aggressive forms – is insufficient to prevent the forgery of legitimate brands, leaving open a wide loophole for online scammers that can and has been frequently exploited. For example, recent attacks against frequently phished brands have involved the use of domain names nearly identical to the genuine domains, avoiding the use of the legitimate domains themselves.

With software installed at both the sending and receiving ends, CertifiedEmail closes the loophole by establishing a trusted, private pipeline between legitimate senders and recipient mailboxes. CertifiedEmail includes an accreditation layer built on top of DKIM authentication and confirms that senders adhere to the high standards required by Goodmail’s Acceptable Use Policy; security benefits extend well beyond those that can be achieved through basic domain whitelisting or other approaches, by including a method for pre-registering “From” headers, enforceable quotas, real-time security and privilege-revocation mechanisms, and visual demarcation of messages as authentic in the inbox.