Google Apps Battles Spam E-Mail With DKIM Signatures


Google has waged war against spam e-mail and has made it possible for Google Apps cloud computing customers to sign outgoing e-mail messages with DomainKeys Identified Mail (DKIM), which validates digital e-mail signatures.

Essentially, the use of DKIM ensures that an e-mail sender is who he or she claims to be, ultimately helping to curb spam.

Google has used DomainKeys and DKIM since 2004 to help validate outbound mail with digital signatures. In 2008, Google worked with eBay and PayPal, two companies from which spammers usually spoof e-mails, to authenticate their e-mail with DKIM and block all unsigned messages from those companies that are sent to Gmail users.

On Thursday, Google made DKIM capabilities more widely available for e-mail sent by users of its Google Apps cloud computing communications and collaboration suite.

"Today, we mark another notch in the spam-fighting belt: we're making it possible for all Google Apps customers to sign their outgoing messages with DKIM, so their sent mail is less likely to get caught up in recipients' spam filters," Adam Dawes, Google Enterprise Product Manager wrote in a blog post highlighting Google Apps' use of DKIM. "Google Apps is the first major e-mail platform -- including on-premises providers -- to offer simple DKIM signing at no extra cost. Once again, the power of the cloud has made it possible for us to bring this feature to millions of customers quickly and affordably."

Dawes said that all Google Apps administrators can enable DKIM signing starting today. The feature is available in the "Advanced Tools" tab of the control panel.

"As more e-mail providers around the world support DKIM signing, spam fighters will have an even more reliable signal to separate unwanted mail from good mail," Dawes wrote. "We're pleased to let millions more organizations use DKIM with this improvement."

Along with continuing to fight spam e-mails, Google Apps this week added additional safeguards for e-mail, including enabling Google Apps administrators to create policies specifying which users can communicate over e-mail. In a separate blog post, Dawes wrote that administrators can tailor those policies to different groups of users.

"For example, school faculty and staff can have unrestricted e-mail access while students have the freedom to send and receive e-mails within the school community but are protected from unwanted e-mail interactions with outsiders," he wrote. Basically, admins can use to ensure some users only send and receive e-mails within their organizations, while other users can have more e-mail permissions.

Google will roll out that capability over the next couple of days to Google Apps for Business, Education and Government customers. Administrators can configure their policies in the “Advanced Tools” section of the control panel.