All You Need to Know About E-mail Authentication
SIDF, created by Microsoft, is similar to SPF. SPF verifies the visible “from” line of the e-mail, while SIDF authenticates either the “from” line or the invisible “from” line of the e-mail header. Using the U.S. Postal Service as an analogy, SIDF is akin to verifying the authenticity of both the outer envelope and the letterhead on the document inside the envelope.
DKIM is a cryptographic, signature-based type of e-mail authentication. DKIM is a combination of Yahoo’s DomainKeys (DK) and Cisco’s Identified Internet Mail (IIM). DKIM requires e-mail senders’ computers to generate “public/private key pairs” and then publishes the public keys in its DNS records. The matching private keys are stored in senders’ outbound e-mail servers, and when those servers send out e-mail, the private keys generate message-specific “signatures” that are added into additional, embedded e-mail headers.
Plain and simple: Regardless of whether you’re a large company or a small one, business-to-business or business-to-consumer, you should authorize any outbound e-mails you send.
If you’re still unclear, take a look at the DMA’s online Authentication Resource Center at www.the-dma.org/emailauthentication.
Beyond your marketing and promotional e-mail messages, authenticate transactional and information e-mails that include the following:
* order confirmations and shipping notices,
* customer service messages,
* monthly statements,
* customer newsletters, and
* individual correspondence with customers.
Pat Kachura is senior vice president for ethics & consumer affairs at The Direct Marketing Association. You can reach her at (202) 861-2410 or firstname.lastname@example.org.