Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Domain Keys
  •  
seali

Messages: 55
Karma: 0
Send a private message to this user
  •  
pwhodges

Messages: 144
Karma: 0
Send a private message to this user
The trouble is that the various authentication schemes that are patched onto SMTP are all variously flawed, and so effort put into implementing them may well be wasted when eventually an agreed scheme appears. This wouldn't matter if they were clearly effective, but it is not currently clear that they (domain keys, SPF, sender ID, et al) can give any useful benefit at present.

Worth trying if it doesn't distract from anything else, but I suspect that there are other developments that it would be better for Kerio to work on.

Paul
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
Anyone know if Kerio is doing any work on DKIM since it has just been published as RFC 4871?
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
Could anyone at Kerio comment on the future availability of Domain Keys Internet Mail?
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
The original question remains unanswered.

Both DomainKeys and DKIM are now standardized by the IETF as RFC 4870 and 4871 respectively.

On December 3rd, 2008 Sender Score Certified (SSC), the White List for Hotmail (and soon to be for Yahoo! Mail), notified us that they will begin requiring outbound email messages be signed with DKIM in 2009.

Here is the direct quote from the 12/03/2008 SSC Service Notice: "DKIM will also become a Sender Score Certified program requirement sometime in 2009. We suggest you begin signing your outbound email with both DK and DKIM as soon as you can. AOL recently announced they will begin changing their white list to be DKIM-based in the second half of 2009, and other ISPs are likely to follow. More information can be found at http://dkim.org."

Naturally, being able to successfully deliver email to the largest email provider on the planet (Hotmail) is a must. And, anything that can be done to improve email deliverability is important for any email server provider.

We send many of our emails via a seperate Virtual SMTP server in IIS. And, we recently found a piece of software from EmailArchitect (I don't work for them or have any affiliation with them) that allowed us to implement both DomainKeys and DKIM signing for outbound email messages on these servers. Our email deliverability to the inbox versus the junk folder immediately increased on Yahoo, GMail, and Hotmail by an average of 12%. Very respectable! And, all of the links and images in our email messages are now turned on by default.

Kerio: It is now time time to give serious consideration to implementing DomainKeys and DKIM. It is not that difficult to implement and you are now safe in doing so because both are standardized by the IETF. Email deliverability is core to your product offering.

Can you please help us out in the next release with a solution to this?

Thanks in advance!
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
As of today if you are not signing your outbound email with either DomainKeys (DK) or Domain Keys Internet Mail (DKIM), you are not eligible to participate in the Yahoo Feedback Loop.

This is in conjunction with the Sender Score Certified program, the program that handles the White List for Hotmail and now Yahoo.

Following is the relevent text of today's announcement: "3. Sign up for the new Yahoo! Feedback Loop in order to troubleshoot and reduce sources of complaints. Return Path, in conjunction with the Yahoo! Mail, has launched Yahoo!’s domain-based Complaint Feedback Loop (FBL) on January 20th. Please note that signing with Domain Keys (DK) or DKIM will be a requirement for participation in the Yahoo! FBL – without either one, you won’t receive any feedback."

Kerio - I invite you to contact Sender Score Certified directly to verify what I am saying so that you will realize the importance of your mail server becoming compliant with the requirements of the program that handles the White List for the largest email provider in the world (Hotmail) and is now going to handle the White List for Yahoo Mail. And as I mentioned earlier, AOL will begin requiring DomainKeys and/or DKIM signing of outbound email to be included in their White List later in 2009.

Please tell me someone at Kerio is listening?
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
If they are, they are probably not going to reply. Apart from Mr. Dobry, Kerio is apparently not trawling the forum in order to reply to any general questions. You should definitely file this as a request in their ticket system, but the reply may or may not suit your needs. I 've had varying success in getting useful answers from support, although they DO answer.
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
Thank you TorW for your response.

I opened a ticket on this as of 12/31/08.

The reply from Kerio: "Thank you for your feature request. Unfortunately this functionality is not currently available, but we do have a suggestion on file for this. We will add your request for this feature to our suggestion database. Please note we do not have a time frame on if or when this feature may be available."

They closed the ticket.

I reopened it with additional information. They closed it again.

I have now reopened that same ticket with the new information about the Yahoo Feedback Loop that was published today.

I hope that someone at Kerio will understand the importance of this feature to email deliverability.
  •  
Tomas Soukup (Kerio)

Messages: 151
Karma: 0
Send a private message to this user
Hello, thank you very much for reporting this issue.
Of course, Kerio is listening our customers Smile, we - in development - are trying to read posts on our forums, however we don't have time to answer most of them.

Regarding the DomainKeys and Feedback Loop Program, here are my comments as I understood it:
- not having DKIM doesn't affect mails sent by KMS, reaching Yeahoo!, it means that with DKIM implemented there will be a better chance for mail to not end in Junk
- without DKIM you won't be able to use and analyze mails marked by Yahoo as Junk and returned via Feedback Loop. Currently, this affects minority of our customers - mostly ISP's or mass mail senders (newsletters, campaigns, ...). Usual SMB's probably won't use Feedback Loop
- support for DKIM isn't related to Sender Score Certified program

Anyway, I think that importance of DomainKeys is recently going up as more big companies are using it (without wide use the DK is useless Smile ), therefore it is also going higher on our priority list of future features.
But we are currently reassessing our plans with DomainKeys, however I can't promise you a date yet.


Tomas Soukup
Product Development Manager
Kerio Technologies

  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
Hello Tomas. Thank you for the post.

As to your comments:

1.) Yes, you are correct. Our experience so far indicates that across Yahoo, Gmail, and Hotmail that we achieve a 12% improvement in deliverability to the Inbox versus the Junk folder when we sign outgoing emails with DomainKeys and DKIM.

We are a small business, but our emails are very important to us. Our emails are invitations and reminders to participate in surveys as we are a research company. Our volume is very low, considered a "1" by Sender Score Certified.

2.) Yes, you are correct again. Without signing your outgoing emails with DomainKeys or DKIM or both you cannot signup for the Yahoo AntiSpam Feedback Loop.

3.) No, this is incorrect. On December 3rd, 2008 Sender Score Certified (SSC), the White List for Hotmail (and as of January 27th, 2009 for Yahoo! Mail), notified us that they will begin requiring outbound email messages be signed with DKIM in 2009.

Here is the direct quote from the December 3rd, 2008 SSC Service Notice: "DKIM will also become a Sender Score Certified program requirement sometime in 2009. We suggest you begin signing your outbound email with both DK and DKIM as soon as you can. AOL recently announced they will begin changing their white list to be DKIM-based in the second half of 2009, and other ISPs are likely to follow. More information can be found at http://dkim.org."

From a development standpoint, there are various software modules on the market that make implementation of DomainKeys and DKIM much easier than having to write all of the code from scratch. One vendor, who we have absolutely no affiliation with, but we have used for our Virtual SMTP servers in IIS is located at http://www.EmailArchitect.net. We bought their DomainKeys/DKIM software product for $588 for an unlimited license across an unlimited number of domains and servers.

Thank you for listening and I hope that Kerio will add DomainKeys and DKIM signing for outbound emails very soon.
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
Kerio_tsoukup wrote on Thu, 22 January 2009 08:09


Regarding the DomainKeys and Feedback Loop Program, here are my comments as I understood it:
- not having DKIM doesn't affect mails sent by KMS, reaching Yeahoo!, it means that with DKIM implemented there will be a better chance for mail to not end in Junk
- without DKIM you won't be able to use and analyze mails marked by Yahoo as Junk and returned via Feedback Loop. Currently, this affects minority of our customers - mostly ISP's or mass mail senders (newsletters, campaigns, ...). Usual SMB's probably won't use Feedback Loop
- support for DKIM isn't related to Sender Score Certified program


I would have to disagree with those statements. At least a few major mail providers have announced plans to implement Domain Keys or DKIM, and either have plans, or are investigating making it mandatory for at least some of their services (I wish I had the link to the article, but I can't find it atm).

I would also disagree that Feedback Loops only apply to ISPs. E-mail is heavily used and relied on for business now. Responsible system admins take every step possible to insure it remains as reliable as possible. I know several system admins who at least use feedback loops for major mail providers, myself included. If there is a problem with mail that is being sent from a mail server, whether there is a misconfiguration allowing abuse, an infected computer relaying mail through the server, or just someone sending mail the recipient doesn't like, it is far better to know about it and address the issue before the server ends up on a blacklist. Ending up on a blacklist would have a huge negative business impact.

Scott
  •  
kesleri

Messages: 15
Karma: 0
Send a private message to this user
I strongly suppor the implementation of DomainKeys, Yahoo places e-mails without DK within the Spam folder, please increase your priority on developing support for DK, it has already been ~1 year since DK was implemented by the most free e-mail providers and KMS still does not offer support for this thing.

I am thinking of switching to another mail server just because of DK.
  •  
kenwest

Messages: 47
Karma: 2
Send a private message to this user
TO KERIO DEVELOPMENT:

Hi. DomainKeys and DKIM have been a standard since 2007, IETF RFC 4870 and 4871 respectively.

There is now widespread implementation of DomainKeys and DKIM and they have been requested by several Kerio users since 2005.

It is a known fact that by using DomainKeys and DKIM on your outgoing emails that a higher percentage of those emails will be delivered to the inbox versus SPAM folders.

Note that now it is fairly easy to implement in your software as there are a number of 3rd party developers who will sell you an unlimited license for the code for very little money. If having this feature allows you to sell even 5 more copies of Kerio Connect I believe that it would be a profitable feature enhancement for Kerio. Admittedly, I do not know your margins, but I believe this to be a good guess. Any idea how many RFP's/RFQ's you are missing out on because you cannot put a check in the DomainKeys/DKIM box?

Any update on when Kerio might consider implementing this feature?

Thanks!
  •  
Radek Sip (Kerio)

Messages: 1319
Karma: 48
Send a private message to this user
Hi Ken,
please use our "Suggest Idea" button in the welcome screen of Web Administration to create new suggestions and vote for existing ideas. Otherwise, there is a risk that your suggestions will not be taken into account. Thank you for understanding.

Stay Connected Anytime, Anywhere. Discover Kerio Cloud!
jpitt2k6

Messages: 2

Karma: 0
Send a private message to this user
SO............ NO DKIM's from or for Kerio connect. i too am interested in this as Yahoo is being even more particular about emails hitting their servers. thansk
Previous Topic: Outlook Shared Calendar: "Failed to update"
Next Topic: one user with 2 alias
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Jul 28 06:50:00 CEST 2017

Total time taken to generate the page: 0.00540 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.