Member Directory  | Security Resources & Record Verification Tools  l  Member Blogs

Email Authentication Resources & Compliance Reports


AOTA State of the State of Email Authentication Report - Authentication Passing the Tipping Point

AOTA Authentication Press Release and Call to Action - Brand and ISPs to implement within 6 months

Business and Industry Resource Directory (410 KB PDF, updated 2/1)
Includes over 100 email marketing, technology, consulting and service providers who support SIDF, DK and or DKIM.
To submit your update our company information click here>

Compliance Reporting (January 2008)

Resources

Sender ID / SPF Overview   l   DK/DKIM Overview   l   Other Presentations   (from AOTA Summit 2007)

DomainKeys Identified Mail (DKIM) - A signature-based mail authentication standard for for validating an identity that is associated with a message.  The base DKIM specification has been approved by IETF as a proposed standard.  DKIM is a synthesis of earlier specifications from Yahoo! (DomainKeys) and Cisco (Identified Internet Mail).

Sender ID Framework - Overview of the SenderID Framework (SIDF), including presentations, white papers and technical specifications.  SIDF reflects the combined specifications of SPF and Microsoft's Caller ID for email proposal. (Hosted by Microsoft Corporation)

SPF / Sender ID Record Wizard SPF / Sender ID Record Wizard - Tool to create SPF records by entering your domain name and including the IP addresses of third parties authorized to send mail on your behalf.

The Urgent Need to Implement E-Mail Authentication (PDF) - A value proposition for senders, users, and domain holders

Use of PTR / Reverse DNS look up
Several readers have inquired on the use of a PTR or reverse DNS lookup.  AOTA strongly encourages site owners to follow the warning as published in the IETF RFC and NOT use a PTR;  The specification for SPF records (RFC 4408 see below) discourages use of "ptr" for performance and reliability reasons. This is especially important for large ISPs as a result of the very high volume of mail they receive each day.  We recommend you remove the "ptr" mechanism from your SPF record and, if necessary, replace it with other SPF mechanisms that do not require a reverse DNS lookup, such as "a", "mx", "ip4" and "include." This will help ensure the validation is performed as accurately as possible.

Additional Resources >

* Data Sources:   Internet Retailer   l   FDIC   l   Fortune 500 (2007 List published by CNNMoney.com, a service of CNN, Money and Fortune)


Listing of companies is not an endorsement nor should it be considered disparaging by AOTA, its members and affiliates, nor is it an assertion of their web security or lack there of.  Information is provided for information purposes and is current at time of publishing and will be updated quarterly.  To report updates, email staff@aotalliance.org,.

 Back To Top

revised 1/29/08

 
Privacy Policy


Home Summit 2008 News Resources About Us Summit Archive Members Login