Published Standard:
RFC 5617
What is ADSP?
Author Domain Signing Practices (ADSP) was developed to help prevent the exploitation of a legitimate email author's name recognition in the From field. Malicious senders try to represent themselves as authors for whom they are not authorized to send mail, often in an attempt to defraud either the recipient or the alleged author.
ADSP is an extension of DKIM. Some people will say it's an optional extension, because if your ADSP record is undefined, it's treated the same as if it was defined with an "unknown" policy.
There are currently a total of three different outbound signing practices that can be set:
- all - All mail from the domain is signed with an Author Domain Signature.
- discardable - All mail from the domain is signed with an Author Domain Signature. Furthermore, if a message arrives without a valid Author Domain Signature due to modification in transit, submission via a path without access to a signing key, or any other reason, the domain encourages the recipient(s) to discard it.
- unknown - The domain might sign some or all email.
Any value other than "all" or "discardable" is treated as "unknown". In other words, "dkim=unknown" and "dkim=AnythingButAllorDiscardable" would be treated the same way.
If you use "all" or "discardable", that means all the email that you send with "user@domain.com" in the From field originates from your mail servers. If you use a third-party provider to send mail on your behalf, then you will set the ADSP dkim policy to "unknown".
The main difference between "all" and "discardable" is how the receiving MTA email server handles an email that is not signed by the user's domain. With "all", the email should be treated suspiciously (given a higher spam score). "discardable" tells the receiving MTA email server to discard the message completely.
How do I set up my ADSP Policy?
First, you need to set up your DKIM:
How to set up your DKIM Signature.
Next, you'll need to publish a DNS TXT resource record for your domain in this format:
_adsp._domainkey.<sub>.domain.example
If your domain has subdomain email addresses, you will simply replace the <sub>. For example, "user@blogs.domain.com" would have a key that looks like this:
_adsp._domainkey.blogs.domain.com
Most commonly, though, domain owners have emails like "users@domain.com", and that will look like this:
_adsp._domainkey.domain.com
Then, for the value of the record, you will set either "dkim=all", "dkim=discardable", or "dkim=unknown", based on the policy you wish to enforce.
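The record name, the three policy values and the receiving MTA's handling described above can be combined into one receiver-side check. This is an added example, not code from this site or from RFC 5617; the function names, the "accept" / "suspicious" / "discard" labels and the sample values are constructed, and the record text is passed in rather than looked up in DNS.

```python
# Added example: receiver-side ADSP handling as described on this page.
# All names and sample values here are constructed for illustration.

def adsp_record_name(author_domain):
    """DNS name of the ADSP TXT record for the domain in the From field."""
    return "_adsp._domainkey." + author_domain.strip().rstrip(".").lower()

def parse_adsp_policy(txt_record):
    """Return 'all', 'discardable' or 'unknown' for a TXT value (None = no record)."""
    if not txt_record:
        return "unknown"          # an undefined record is treated as "unknown"
    # Assumptions of this example: only the first ';'-separated tag is read,
    # and the comparison is case-insensitive.
    first_tag = txt_record.split(";", 1)[0].strip().lower()
    name, sep, value = first_tag.partition("=")
    if not sep or name.strip() != "dkim":
        return "unknown"
    value = value.strip()
    return value if value in ("all", "discardable") else "unknown"

def author_domain_of(from_address):
    """Domain part of the From address, lowercased."""
    return from_address.rsplit("@", 1)[-1].strip().strip(">").lower()

def adsp_disposition(from_address, valid_signing_domains, txt_record):
    """Decide how a receiving MTA treats a message.

    valid_signing_domains: d= domains of DKIM signatures that already verified.
    txt_record: TXT value found at adsp_record_name(...), or None if absent.
    """
    domain = author_domain_of(from_address)
    signers = {d.rstrip(".").lower() for d in valid_signing_domains}
    if domain in signers:
        return "accept"           # signed by the author's own domain
    policy = parse_adsp_policy(txt_record)
    if policy == "discardable":
        return "discard"
    if policy == "all":
        return "suspicious"       # e.g. give the message a higher spam score
    return "accept"               # "unknown": the domain made no signing promise

if __name__ == "__main__":
    # Constructed sample: mail sent through a third party signing with its own domain.
    sender, signers = "user@blogs.domain.com", ["mailer.example"]
    print(adsp_record_name(author_domain_of(sender)))
    for record in (None, "dkim=unknown", "dkim=all", "dkim=discardable"):
        print(record, "->", adsp_disposition(sender, signers, record))
```

The sample run shows why a domain that sends through a third-party provider publishes "unknown": with "all" or "discardable", mail signed only by the provider's domain is scored as suspicious or dropped.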
You can generate your ADSP record by using our wizard:
ADSP Wizard
Here's an example of what our ADSP record looks like, which you can see by clicking here: Our ADSP Record, or by viewing the image below.
Once you have your ADSP set up in DNS, you can send an email to "mailtest@unlocktheinbox.com" and it will auto-respond, letting you know if it detected your ADSP policy in DNS.