Yahoo and Cisco Systems are combining their antispam technologies to create a new e-mail authentication system, they announced this week.
The system, called DomainKeys Identified Mail (DKIM), will draw on Yahoo's DomainKeys authentication technology and Cisco's Internet Identified Mail. The technology will be offered to other industry players on a royalty-free basis in an effort to reduce the amount of spam spread across the Internet, the companies said.
E-mail authentication is important because spammers and online criminals often used forged e-mail addresses to send unwanted messages.
Yahoo's DomainKeys uses public-key cryptography to authenticate the sender of an e-mail at the domain level. The sending system generates a signature and inserts it in the e-mail header while the receiving system verifies the signature using a public key published in the Domain Name System.
Cisco's authentication technology also uses cryptography but associates the signature with the message itself. In its system, the sending server signs the message and inserts the signature and pubic key used to create it in a new and additional header. The receiving system then verifies that the public key used to sign the message is authorized for use by the sending e-mail address.
DomainKeys Identified Mail will combine aspects of both of these authentication systems. It will use the Domain Name System in the same manner as DomainKeys, to verify signatures using the published public key, but will also draw on Cisco's header signing technology to ensure consistency as messages are sent through the system.
It wasn't immediately clear how the new technology would fit in with the companies' prior work on authentication systems, however. Yahoo has already implemented DomainKeys into its Yahoo Mail service and offers the technology royalty-free to other industry players.
The Sunnyvale, California, Internet company said that it receives more than 350 million messages a day signed by DomainKeys, but did not say whether it plans to replace the technology once DKIM becomes available.
As for Cisco, it released an open source implementation of Identified Internet Mail late last year.