triphen
asked on
DKIM....should you use it?
Hello Experts,
If DKIM is such a good thing to implement, why don't microsoft.com, google.com, or yahoo.com implement it?
I see they all have SPF and DMARC, but not DKIM.
Thank you
If DKIM is such a good thing to implement, why don't microsoft.com, google.com, or yahoo.com implement it?
I see they all have SPF and DMARC, but not DKIM.
Thank you
ASKER
Understand, but if my DKIM is properly configured in DNS and all my outgoing mail is signed with private key, that can possible be misconfiguered on the receiving side?
Thanks
Thanks
When someone "cookbooks" a configuration from a not-necessarily-excellent example without understanding it, any software product can be misconfigured. And this is how many small sites are configured - by people who have never done this, will never do it again, and are cookbooking from an example.
ASKER
Yes I understand what you are saying about the cookbooks and how no one know what they are doing...
I am sure Microsoft, Google, and Yahoo have competent people to set up a DNS record and enable DKIM on their email server. The question is why aren't they doing it to protect themselves? All receiving mail server just have the burden of checking the DKIM, but that is their burden to check, they can't mess something up on their side as far as config as far as I know.....that's what I don't get,
Thank you.
I am sure Microsoft, Google, and Yahoo have competent people to set up a DNS record and enable DKIM on their email server. The question is why aren't they doing it to protect themselves? All receiving mail server just have the burden of checking the DKIM, but that is their burden to check, they can't mess something up on their side as far as config as far as I know.....that's what I don't get,
Thank you.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
There are just too many little "mom-and-pop" sites out there with email configured just barely well enough to send outgoing messages.
The flip side of this is that if the big players mandated and required DKIM, it would become a worldwide standard right quick. But the up-front cost in lost email and lost customers would be very, very high and a customer who leaves in anger is unlikely to return.
As time goes on this may change, but at this time (a) spam filtering is about good enough to handle most suspicious messages and (b) the price paid for requiring valid DKIM on all messages would be too high.