As of this morning Google Apps customers have the option of signing all outgoing email with the email authentication standard DomainKeys Identified Mail (DKIM). Users who enable this service will be much less likely to have their email blocked by a recipient’s spam filters. Google Apps administrators can find the new option in the “Advanced Tools” tab of the control panel.
Spam filters look for signatures from DKIM and other email signing services and treat unsigned emails with more “skepticism” than emails that are signed. Consumer Gmail accounts are signed by DKIM automatically, but this feature has been missing from Google Apps until now.
Adoption of email signing services could help reduce the overall level of spam, but it’s not a cure all solution. According an article on DKIM from Web Hosting News, the impact on phishing attacks from DKIM may be very quick since it will make it harder to forge emails. However, its impact on spam may take longer because there’s nothing stopping spammers from using DKIM authentication themselves. “The spammer then has to ‘get caught,’ or build a reputation as a spammer,” the article states.
Wikipedia lists another disadvantage, but doesn’t provide any citation. According to the Wikipedia entry for DKIM, it’s possible for a spammer to authenticate the message and send out a single copy of the message. “The signed copy can then be forwarded to millions of recipients, e.g. through a botnet, without control.”
However, the gradual adoption of DKIM and other authentication servers should help reduce the amount of spam eventually, and Google Apps support for DKIM is a step in the right direction. The only question is why it took Google so long to implement it in Google Apps. Users have been requesting it for years.