Google enhances e-mail security in Apps
Google has taken a step to stop legitimate e-mail messages sent by its Apps customers from getting caught in spam filters.
Administrators for Google Apps can now enable digital signing of those messages, which helps recipients verify that the messages came from a known, vetted sender, wrote Adam Dawes, a Google Enterprise product manager, on a company blog.
The system uses DKIM, or DomainKeys Identified Mail, which verifies the domain name through which a message was sent by analyzing the message's cryptographic signature. If the message comes from a domain that is considered reputable, it won't be filtered out.
Some users of Google Apps have complained that e-mail from their custom domain has been blocked even though they have set up a proper Sender Policy Framework (SPF) record. The SPF record allows a domain owner to specify which hosts are allowed to send mail for their domain.
An SPF record makes it more difficult for spammers to simply forge the “from” address in an e-mail message, since the recipient will check the SPF record and filter out messages that are inconsistent with it.
Google has used DKIM and DomainKeys, another e-mail authentication method, for its Gmail customers for outbound e-mail since 2004.
In 2008, Google worked with eBay and PayPal to ensure messages from those organizations were always properly signed, due to the high prevalence of phishing e-mails. All unsigned messages purporting to be from those organizations are blocked.
DKIM is free for Google Apps users. Administrators can turn it on by going to the control panel and then to the “advanced tools” tab, Dawes wrote.