Recent studies confirm that e-mail authenticated by either
the Microsoft-backed Sender ID Framework (SIDF) or the Yahoo-backed DomainKeys Identified Mail (DKIM) efforts have risen dramatically in the
The growth comes as large e-mail providers and ISPs adopt e-mail
authentication technology in an effort to help thwart spam and phishing
Though they differ in terms of technology and implementation, both SIDF and
DKIM aim to authenticate e-mail by providing some form of verification for
the domain from which a particular e-mail was sent.
The general idea is that
phishers will typically attempt to spoof a domain in order to trick users
into thinking it is legitimate. By providing authentication for an e-mail
against a verified domain, there is some form of verification that helps to
verify the identity of the sender.
A new study from IronPort Systems reports that 35 percent of all Internet
e-mail is authenticated with SIDF, while 9 percent is
authenticated with DKIM. In terms of enterprise adoption, 45 percent
of all Fortune 100 firms use DKIM while 75 percent use SIDF.
Patrick Peterson, IronPort CTO, told internetnews.com that the majority of DKIM signers also publish SIDF records.
He noted that the overlap is probably about two out of every
three which would yield a 38 percent to 40 percent number for the total of all e-mail authenticated by either method.
Over the last 12 months, overall adoption of e-mail authentication has
increased by 60 percent. IronPort forecasts that adoption will grow by another 50 percent over the next 12 months.
IronPort’s study is based on an analysis of traffic from its SenderBase
traffic monitoring network, which it claims monitors over 25 percent of
global Internet traffic.
Based on DNS
Microsoft claimed that .com and .net domains with Sender Policy
Framework (SPF) records jumped to nearly 2.2 million last month, up
from only 750,000 in March 2005.
On SIDF-authenticated domains alone,
approximately 2 billion e-mail messages are sent worldwide every day.
Microsoft’s Hotmail service is among the domains that use SIDF.
There, too, it is seeing an increase in Sender ID-compliant mail, with up to
32 percent of mail in March being compliant.
Microsoft is responsible for a portion of that compliance via its MSN Postmaster Services, which provide resources about how to properly craft compliant mail.
Adoption of e-mail authentication by ISPs and webmail providers is
one of the leading drivers of adoption. A new study from the E-mail Sender and
Provider Coalition (ESPC) reports that 18 of the largest ISPs in the U.S.
support at least one of the e-mail authentication methods.
“Legitimate e-mail marketers and ESPs have been quick to respond by adopting
authentication over the last year to ensure their mail makes it to inboxes
of leading ISPs,” said Trevor Hughes, executive director of the ESPC, in a
“We’re happy to see receivers take a stand by adopting
authentication as the industry takes a step closer to becoming a unified
force for authentication, accreditation and reputation — the combination of
which is the only way to stop spam and fraudulent e-mail.”