This is part 7 of an 8 part series on Email Authentication, to go to part one click here.
ISP Adoption of Email Authentication
As stated earlier, there has been no general adoption of one specific email authentication standard by the ISP and receiving communities. Additionally, ISPs generally have not been forthcoming about what authentication methods they choose to implement. In April 2006, a report2 was released by the Email Sender and Provider Coalition, showing which ISPs were using authentication on their systems. Since then, there have been a significant number of changes, and there has been no official update of what authentication methods ISPs use today. Nevertheless, most ISPs that are verifying authentication will typically include verification headers in a delivered email address. Following are examples from three different ISPs verifying email authentication:
Gmail verifying SPF and DKIM:
Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 192.168.1.1 as permitted sender) [email protected]; dkim=pass [email protected]
AOL verifying DKIM:
X-AOL-SCOLL-AUTHENTICATION: mail_rly_antispam_dkim-m245.1 ; domain : example.net DKIM : pass
Yahoo verifying DomainKeys:
Authentication-Results: mta108.mail.ac4.yahoo.com from=example.net; domainkeys=pass (ok)
>>Continue on to The Complete Guide to Email Authentication, Part 8