Goodmail Systems Announces DKIM-Based CertifiedEmail

SAN FRANCISCO--(BUSINESS WIRE)--Goodmail Systems, the creator of CertifiedEmail™, today released the first DKIM-based CertifiedEmail software development kit (SDK) at the Online Trust Alliance (OTA) Town Hall & Forum at the Palace Hotel, San Francisco. DKIM is an emerging cryptography-based standard for email authentication that enables email receivers to verify what internet domain is responsible for a message.

“Recognized by leading email providers as the ultimate defense against email fraud and phishing, CertifiedEmail messages are granted special delivery privileges and are distinguished with a trust icon in the user interface”

CertifiedEmail is now the only closed-loop DKIM-based solution in which each individual message is certified, signed, and monitored by a trusted third party. So not only must the domains of CertifiedEmail senders be authenticated through DKIM, but they are also subject to processes that prevent those domains from spreading spam, phishing and malware. Fraudsters may use DKIM to authenticate their lookalike domains, but their spam, phishing and worms will never carry the distinctive CertifiedEmail icon.

“Fraud is a complex problem that demands a solution integrating several layers of technology. DKIM addresses an important element of that problem, so long as it’s part of an end-to-end solution backed up with the right monitoring and processes,” noted Goodmail CEO Peter Horan. “It’s great to have anti-lock brakes on your car, but let’s remember that you still need seat belts, air bags, rollover control, crumple zones and a phone for 911.”

Standalone DKIM email authentication – even implemented in its most aggressive forms – is insufficient to prevent the forgery of legitimate brands, leaving open a wide loophole for online scammers that can and has been frequently exploited. For example, recent attacks against frequently phished brands have involved the use of domain names nearly identical to the genuine domains, avoiding the use of the legitimate domains themselves.

With software installed at both the sending and receiving ends, CertifiedEmail closes the loophole by establishing a trusted, private pipeline between legitimate senders and recipient mailboxes. CertifiedEmail includes an accreditation layer built on top of DKIM authentication and confirms that senders adhere to the high standards required by Goodmail’s Acceptable Use Policy; security benefits extend well beyond those that can be achieved through basic domain whitelisting or other approaches, by including a method for pre-registering "From" headers, enforceable quotas, real-time security and privilege-revocation mechanisms, and visual demarcation of messages as authentic in the inbox.

Dave Crocker, consultant, long-time Internet Mail standards contributor and Goodmail advisor said, "Goodmail's adoption of DKIM for its authentication layer is exciting because it further validates both the standard and Goodmail's value-add beyond the standard."

CertifiedEmail DKIM is the gold standard for email brand protection. CertifiedEmail has been implemented by leading ISPs, all leading email marketing service providers (ESPs), and a vast network of OEMs including providers of Mail Transfer Agents (MTAs), edge devices, User Interface (UI) suites, anti-spam and anti-phishing filters, and other email security related products. More than 30 billion CertifiedEmail messages were deployed by Goodmail’s senders in 2008.

“Recognized by leading email providers as the ultimate defense against email fraud and phishing, CertifiedEmail messages are granted special delivery privileges and are distinguished with a trust icon in the user interface,” said Daniel Dreymann, president and co-founder, Goodmail Systems. “Leveraging the CertifiedEmail infrastructure, we recently introduced CertifiedVideo™, the only solution that enables senders to stream video inside an email message; Goodmail will introduce other rich functionalities that create a more vibrant email experience built on trust and security.”

About Goodmail Systems

Goodmail Systems is the creator of CertifiedEmail™, the industry’s standard class of trusted email. CertifiedEmail provides a safe and reliable means for consumers to easily identify authentic email messages from legitimate commercial and nonprofit email senders. Each CertifiedEmail is sent with a cryptographically secure token that assures authenticity and is marked in the inbox with a unique blue ribbon envelope icon, enabling consumers to visually distinguish email messages which are real and sent from email senders with whom they have a pre-existing relationship. Available to email senders meeting strict standards for best practices and low complaint rates, it is the only class of email available that assures delivery of all opt-in email messages to the inbox, with links and images automatically rendered intact, yielding measurable improvements in email effectiveness. CertifiedEmail has been adopted by seven of the nation's top 10 email mailbox providers and is in use by 500 commercial, government and non-profit senders. It is supported in North America and Europe by a wide network of email platforms and service providers. For more information, go to www.goodmailsystems.com (businesses) or www.certifiedemail.net (consumers).