AOL announced its plans to begin DKIM verification sometime this next year during an ESPC call moderated by Ben Isaacson of CheetahMail with special guest Mike Adkins from AOL. DKIM is the next generation of DomainKeys, an encryption based authentication method, which is picking up adoption in the receiver community. Currently, AOL uses an IP based reputation algorithm to determine the propensity of outbound mail to be spam. Under the new paradigm, a sender’s domain will be verified against the DKIM signature with inbox success being determined by that domain’s reputation. Mike proposed that by the end of the first half of 2009 an initial version checking the signature will be in place.
It is important to note that the current IP based reputation filters and delivery metrics will continue as they have been with a regular and enhanced whitelist. DKIM will follow the same pattern with a domain whitelist explicitly requested by senders providing information about the domain and an enhanced domain whitelist that will be dynamically controlled by AOL (also coined an organic whitelist). Domain reputation will be looked at as the first layer of the onion and, absent DKIM, will fall back on IP based reputation scoring. It was also mentioned that SPF will be actively used as another data point providing information about a sender, whereas now SPF is checked but not used in the reputation algorithm.
You can use *@dkimtest.aol.com to test whether your outbound mail is DKIM signed properly (the * is a wildcard character meaning anything can be used, such as test123@dkimtest.aol.com). There are some other special provisions that will be included with the DKIM verification in regards to some third party accreditation services which inject headers into the envelope. It’s important to note that the first revision of DKIM with AOL will only help to add value to senders’ efforts for delivery but won’t punish senders who don’t currently sign. But, as Mike stated, they want to keep their email recipients “safe and happy” and to that end, the likelihood that DKIM will be used in greater force in the distant future is very possible. Net – get your email DKIM signed sooner rather than later!
To keep up with the latest on AOL, check out their blog.
Comments