To fight spam, Google Apps adds e-mail signing

Google has added a technology called DKIM to Google Apps, letting companies sign messages so recipients can be sure they're authentic.

Stephen Shankland Former Principal Writer
Stephen Shankland worked at CNET from 1998 to 2024 and wrote about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise Processors | Semiconductors | Web browsers | Quantum computing | Supercomputers | AI | 3D printing | Drones | Computer science | Physics | Programming | Materials science | USB | UWB | Android | Digital photography | Science Credentials
  • Shankland covered the tech industry for more than 25 years and was a science writer for five years before that. He has deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and more.
Stephen Shankland
2 min read

Google has made it possible for Google Apps customers to sign their outgoing e-mail using a technology called DomainKeys Identified Mail (DKIM) that makes it easier to ensure a sender is who he or she says he is.

Google has been using DKIM since 2008 to show Gmail users when incoming mail really is from PayPal and eBay--two major brand names often caught up in spoofed e-mails used in phishing attacks. Now the technology is available more broadly and for the e-mail Google Apps users send.

An e-mail signed by its sender with DKIM gets a "signed by" line in Gmail as an assurance it's authentic.
An e-mail signed by its sender with DKIM gets a "signed by" line in Gmail as an assurance it's authentic. Google

"Today...we're making it possible for all Google Apps customers to sign their outgoing messages with DKIM, so their sent mail is less likely to get caught up in recipients' spam filters. Google Apps is the first major e-mail platform--including on-premises providers--to offer simple DKIM signing at no extra cost," said Adam Dawes, a Google Enterprise product manager, in a blog post.

"As more e-mail providers around the world support DKIM signing, spam fighters will have an even more reliable signal to separate unwanted mail from good mail," he added. "E-mail authentication is an important mechanism to verify senders' identities, giving users a tool to recognize potential spam messages. In addition, many mail systems can display whether a received message is DKIM-verified, which helps spam filters verify and assess the overall reputation of the sender's domain: messages from untrusted senders are treated more skeptically than those from good senders."

In addition, Google yesterday added an option to Google Apps that lets administrators restrict who may send e-mail and to whom. "For example, school faculty and staff can have unrestricted e-mail access while students have the freedom to send and receive e-mails within the school community but are protected from unwanted e-mail interactions with outsiders," Dawes said.