Authentication of message integrity ensures no one has tampered with the message or modified its content. When authentication is requested, the Message Queuing runtime digitally signs the message when it is sent. Then the destination queue manager verifies the digital signature before it places the message in the destination queue. Once message integrity is established, Message Queuing verifies who sent the message.

The Authentication & Online Trust Alliance (AOTA) was established to create a trusted global online ecosystem and foster the elimination of email and internet fraud, abuse and cybercrime. OTA’s main goal is to  enhance trust, confidence and the protection of businesses and consumers.  Through their member companies, chapters and organization affiliates, AOTA represents over one million businesses and 500 million users worldwide.

To make good on its mission, the AOTA published the “Authentication Directory“.   This directory is a resource to assist companies in locating and working with companies that support leading forms of email and domain authentication.  While such authentication alone is not a silver bullet to counter online fraud and email abuse, it is a recommended best practice for all companies and email marketers.  Companies listed in the directory include mutual collaboration with Microsoft, AOL, Comcast, Netzero, Earthlink, Gmail etc.

The effectiveness of this directory benefiting marketers is based on better understanding the various email authentication methods being implemented.

• DomainKeys Identified Mail (DKIM) is a method for E-mail authentication, allowing a person who receives email to verify that the message actually comes from the domain that it claims to have come from. The need for this type of authentication arises because spam often has forged headers.

• Sender ID Policy Framework (SPF) allows software to identify messages that are or are not authorized to use the domain name in the SMTP HELO and MAIL FROM (Return-Path) commands, based on information published in a sender policy of the domain owner.  Microsoft provides a free Sender ID Framework SPF Record Wizard Tool.   This four-step wizard will guide you through the process of creating a new SPF record for your DNS domain.

• Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide security and data integrity for communications over TCP/IP networks such as the Internet.

How close does your comany come to using all of these authentication methods?  Which ones are working to secure email being received in the email users’ Inbox?