If you’re a user of the Yahoo! Mail Beta, you may have noticed a new icon showing up in the headers of some email messages (if you’re on the beta and you still don’t see it, give it time…I believe the update is still rolling out to everyone). Anyway, the little envelope and key means the email sent to you is DomainKeys certified.
Uh, okay. What on earth does that mean, Ryan? According to the help page:
In short, DomainKeys is a forger’s worst nightmare.
It works a little something like this. You receive email from your bank (let’s say you bank with The Large Bank). The email is from accounts@thelargebank.com. You’re not sure if it’s legit or not, but it has this little DomainKeys icon next to the sender’s email address. That icon tells you one thing: the email was, in fact, sent from your bank’s domain (assuming your bank is thelargebank.com).
So, if there’s no icon, does that mean that someone’s trying to con me into giving up information about myself? Not necessarily. Not everybody is using DomainKeys, yet. But DomainKeys is picking up steam and a lot of industry support, so expect that to change.
What about the opposite case? If there is a DomainKey icon, does that mean the email isn’t malicious? Unfortunately, no. It just means that the domain who sent the mail is who they say they are. Someone could send you DomainKeys certified mail from accounts@thefakelargebank.com. You still need to identify that person and make sure you’re doing business with the right person (if you bank with The Large Bank, don’t send your personal details to The Fake Large Bank).
Because DomainKeys allows you to reliably identify the sender domain, you can start building domain reputations. For instance, if a lot of people report that they get spam or malicious email from thefakelargebank.com, mail systems can begin dropping mail from those senders based on that reputation.
Well, with any luck I’ve helped explain DomainKeys a little better. If I’ve totally botched my explanation of it, hopefully Mark (Mr. DomainKeys) will come and correct me. If you’re looking for additional information regarding DomainKeys, here’s a couple of handy links:
Update: Fellow Yahoo! Miles provides some good details in the comments. The major takeaway is that “certified” is too strong a word to use with regard to DomainKeys (which I shouldn’t be spelling with a space). “Verified” is more appropriate.
I’d say you got it right — my nits would be the spelling –its DomainKeys — no space, and I’m not sure I’d use the word ‘certified,’ as I think it implies just a bit too much trust (instead favoring something like verified). You accurately point out that we can be sure that it’s from thefakelargebank.com or thelargebank.com, but only one of those is likely trustable.
I received an e-mail from Uk saateing that I had won money. Of course they wanted my personal information. I knew it was a fake. I then notice the key for the first time so I clicked on it. Then went to where they explain DomainKeys and said after reading it this is saying the sender is real. I felt that would onlu mean tha tthe sender was real but the sender could be takeing advantage of me. Yahoo did not do a very good job of explaining DomainKeys and I felt that was bad because they way the explained to many people they would of trusted the e-mail about the money and sent the information. So I to search and nothing came up on yahoo help so I searched the web and found the link to your sight and was so tickled when you said ok so what the heck is Domain Keys. I knew instantly you felt the same as I did about the explaination yahoo gave on the Domain Keys. I dont know if you just posted this information because you felt it was nessary for people to understand Domain Keys but you not only exolained what it is you explained how it did not really protect you it simply let you know if the mail came from who it says it is from. That lets people know that they should still not trust some e-mails with a key on it. I think spam is helping to stop us receiving e-mail like the one I did for winning money but we need a sight where we can copy and past these e-mails and it keep up with the address and people who are sending these fake, bad not true whatever you want to call them e-mails. That would also give us a list to check out this. I know their is a sight to check out fake e-mails and that helps and I am so glad yahoo is trying to do something to help it stop but they really need to explain what you did that the key does not mean it is a safe and true e-mail. If your not paid to do this and infor people as you did out of the kindness of your heart your special. Have a great Valentines and stay safe !!!
Carole
Thank you for explaining domainkeys,but what if i see that symble,and i cant see the pics,like all i see is red x’s,where a pic should be?
Marsha…that probably means you have image blocking enabled. There ought to be a link or button to show the images.
I responded to an email on craigslist to rent a house. The “supposedly” owner responded back to me and said he was now in Africa but to send him $180 via western union and he would fedex me the key. The response had the certified domainkey icon next to the email address. I went to look at the house and there was a real estate agent at the house telling me the house was not for rent but for sale. She was in touch with the real owner of the house and told me my ad was a fake. Can a person tap into another persons personal ad and still show the certified domainkey icon? I’m still a little confused.
The person who set up the ad is a fake.
There really should be a web page to post email addresses that are not legit. I have a few that are supposed to be domainkeys verified. I met someone online, who after a couple of weeks of chatting, suddenly went to Africa on business overnight. He is a nice looking man supposedly American with Italian decent. We have talked on the phone several times. Recently I asked him what his favorite Italian meal is and he replied “rice and chicken”. He sounded as though he didn’t even know what spaghetti or ravioli is. LOL at myself for being so trusting. Before he left for Africa he sent me his domainkeys verification. I believed this. they were obviously bought to deceive innocent people. Now I don’t know who to trust! There should be a more secure process. thanks for reading….please reply….Donna
Donna, I’m not sure you understand what DomainKeys are. DomainKeys won’t verify the identity of someone.
i received a mail with domainkey certified from a bank in africa. they want to transfer monney to me and they need my BANK`s NAME, my ACCOUNT NAME, my SWIFT CODE / ROUTING NUMBER, and my ACCOUNT NUMBER. so, if i send all of this, even if they are fake, what will i loose? how do they can take of my monney? i think they will get nothing and i will loose nothing; what do you think?
why do my contacts on yahoo who are domainkeys certified appear as “***** *****” then their email address now.? it was never like that before…
there is a man that is trying to get me to send him money and he can come to the u.s. and he suppose to sent me some pictures and they didnt come in. there was just a little figure and its not a piture. he is sweet talking me and getting in my head. i think this is a scam, plz help
Let me see if I’ve got it — DomainKeys verifies that the sender’s stated domain is indeed the domain from which the sender is sending.
It does NOT mean that the sender is a real person, or an honest person, just that he/she is sending from the stated domain.
This would mean that if one wanted to track down the sender, one would be starting with the actual domain, be it in Africa, China or UbiquitousStan.
BTW, if it feels like a Scam, it likely is — Money by certified check or Western Union to EBay or Craig’s List advertisers is money lost… In fact, anyone wanting money is likely to be a Scam, even if it’s your own kids
Pete, yes…that’s right. DomainKeys isn’t about helping you to track down scammers. It’s more about knowing if an email that says it’s from your bank really came from your bank.
How do I get my yahoo account email to have the little DomainKeys icon next to it? It’s not showing up when I look at/open my sent emails.
Jessica, the messages in the Sent folder don’t include the DomainKeys headers. Those headers are added by the outgoing mail servers, so they’re added after the message is copied to your Sent folder.
Try emailing yourself sometime. You should see the DomainKey icon next to the message you receive in your Inbox, but not next to the message in your Sent folder.
Thank you sooo much for this info Ryan. Enough said yet Yahoo didn’t even begin to explain it.
Can anyone tell me what exactly “g=” means? is it only for domains? or can I use it to lock it down to only one email address?
I have gotten e-mails from my brother for long time, I have many e-mails that this domainkey verified but it will not let me open the file. I read on here that it might have something to do with images, but I don’t know where to go to try and fix this. I have Vista. Can anyone help me with this?
thank u mr.ryan.i can understood but i am not fully clear about this.i have received a mail with “this sender is domainkeys verified”.what does it mean?if there is any pblm about this to me or my email id.what does it exactly mean whats the purpose of receiving such message.this had came along with the senders email id to my id.whats the purpose of identifying the domain keys
I sent an email to two friends, and shortly got a response from someone else. There was the “domainkey verified” icon next to the address. I have no idea who the sender is, nor were they on my contact list (I would have expected it to have showed up as spam). Can you offer any explanation? Is there any way to track down the sender, who simply identified him(her)self as “Shadow”?