DomainKeys FAQ

The frequently asked questions for working with DomainKeys are given below. To go directly to the topic that explains how to set up and use DomainKeys in Aurea List Manager, click here.

What is email authentication?

Email authentication is a way to ensure that email actually comes from whoever it claims to come from. It is a vital step in stopping spam, forgery, fraud, and other serious crimes.

What is Domainkeys?

DomainKeys is an email authentication system created by Yahoo. It gives email providers a mechanism for verifying both the domain of each email sender and the integrity of the messages sent (i.e., that they were not altered during transit). Since the actual domain can be verified, it can be compared to the domain claimed in the From: field of the message. If the sender is genuine, a profile can be established for that domain that can be tied into anti-spam policies. If the email is a forgery, it can be dropped, flagged or quarantined.

DomainKeys uses something called a digital signature. What is that?

A digital signature is a technology used to simulate the security properties of a handwritten signature in digital form. This is accomplished by creating a "private key," available on your outbound mail servers, and a matching "public key," which you publish in DNS. When you send email, your email system automatically uses the stored private key to generate a digital signature of the message which is then attached to the message. The receiving email system fetches the public key from DNS and uses it to verify that the signature was generated by the matching private key (or not).

How does DomainKeys help with branding?

Preventing forged email helps you in a number of ways, including branding. Using DomainKeys reduces the chance that someone impersonates your domain and use it for fraudulent purposes, including "phishing attacks" -- the solicitation of personal information such as passwords, credit card numbers, etc.

How does DomainKeys help with deliverability?

Using DomainKeys does not guarantee that your email bypasses any spam filters on the receiving end, but if your recipients can confirm that the email truly came from you, and if they consider you someone of good reputation, they are more likely to receive and open your mail.

What are email "headers"?

Headers are pieces of information that get attached to email as it makes its journey from the sender, through various computers on the Internet, and on to the receiver. Here is an email that was sent from Yahoo; some of the more basic headers are outlined, including:

  • Date: the date the email was created.
  • From: who sent the email (supposedly).
  • To: who it's going to.
  • Subject: the subject line created by the originator of the email.

Why are headers important to DomainKeys?

When you use DomainKeys, a header called DomainKey-Signature: is added to each email. This header contains the digital signature of the message which was generated using the stored private key described in the above section about digital signatures.

What is the difference between the "From" header and the "Sender" header?

The From header contains the creator(s) of the message; the Sender header contains the mailbox of the agent responsible for the actual transmission of the message. In many instances, these are one and the same, in which case only the From header is used. There may be situations where these are two separate entities; for example, if a secretary were to send a message for another person, the mailbox of the secretary would be in the Sender header and the mailbox of the author(s) would appear in the From header. If there are two or more authors (and therefore two or more From mailboxes), the Sender header, with a single mailbox listed, must appear in the message.

How is this information about the From and Sender headers useful when using ListManager?

If the Aurea List Manager Internet Host Name domain of the site and the From domain match, Aurea List Manager includes the From header but not the Sender header in the digital signature. If the Aurea List Manager site name and the From domain are different, the Sender header is included.

I sent some mail and then viewed it in Outlook. In the From field, it said "From <address 1> on behalf of <address 2>." Since the email looks like it came from two different places, I'm concerned that recipients will view it suspiciously. What's going on?

This occurs in Outlook if you have a From header and a Sender header. Outlook interprets this as "From <Sender header> on behalf of <From header>."

If you are concerned about what your Outlook recipients see, ensure that your outgoing mail only contains a From header, not a Sender header.

How can I ensure that my email only has a From header?

One solution would be to use an autoresponder. You can learn more about autoresponders here.

You can also choose a list level setting for DomainKeys that prevents use of a Sender header.

I sent a message and then opened it in Yahoo and looked at the headers. I'm pretty sure there should be a Sender header, but none is displayed. Why?

Yahoo does not display the Sender header, even when you view all headers.

How do I use the "Header" field in Aurea List Manager?

You can learn more about it here.

How can I test DomainKeys?

Send a message to any Yahoo and then view the headers.

Does Yahoo require DomainKeys for its Feedback Loop?

Yes. Contact your Yahoo representative for Feedback Loop applications.

When I open a typical email, I only see a few of the most basic headers. How do I view all headers in Yahoo / Outlook / Gmail?

In Yahoo:

  1. Open the email.
  2. In the lower right corner of the screen, click Full Headers.

In Outlook:

  1. Open the email.
  2. On the Toolbar, click View, and then click Options.
  3. In the Message Options dialog, the headers are displayed in the Internet Headers section.

In Gmail:

  1. Open the email.
  2. At the top-right of the message pane, click the down arrow next to Reply.
  3. Select Show Original.

I'm currently blocked / greylisted / tarpitted by Yahoo. How can I test my DomainKeys without being able to see Yahoo headers?

You can get around this by using a free tool made by the Email Sender & Provider Coalition (ESPC).

http://senderid.espcoalition.org/

However, note that the ESPC tool may not validate DomainKeys the same way Yahoo does.

What happens if I send a mailing for which DomainKeys has been set up incorrectly?

See the topic "Failed Verifications and Warning Messages."

The From: field in my mailing contains a merge tag. Will DomainKeys still validate it?

No; ListManager does not merge and then validate the domain. The mailing is signed and sent out, but you must verify that the domains match.


Next: Setting Up and Using DomainKeys in ListManager