Twitter adds DMARC authentication to prevent e-mail phishing


Twitter joins the likes of AOL, Gmail, Outlook, and Yahoo! Mail to deploy the Domain-based Message Authentication, Reporting and Conformance e-mail authentication.

Invite for the RealSense Hands-on LabShare your idea and get a chance to bring it alive on Intel HANDS ON LAB
Click to know more
Intel IoT Developer KitDive into starter guides and sample projects to help get your development environment up and talking to your hardware
Click to know more
Twitter adds DMARC authentication to prevent e-mail phishing

Twitter has announced it is using a new technology called Domain-based Message Authentication, Reporting and Conformance (DMARC) in order to ward off e-mail phishing from its social networking service. According to Twitter, DMARC technology will make it “extremely unlikely” for anyone to send e-mail pretending to be from a Twitter.com address.

“Without getting too technical,” writes Twitter’s ‘Postmaster’ Josh Aberant, “DMARC solves a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols. It builds on established authentication protocols (DKIM and SPF) to give email providers a way to block email from forged domains popping up in inboxes.”

Aberant reveals even as the protocol is young, it is already being used by the four major e-mail service providers – AOL, Gmail, Outlook and Yahoo! Mail. “We hope to see it gain more coverage for our users as even more email providers adopt it, and that it gives you more peace of mind when you get an email from us,” he added.

Twitter's announcement with regard to use of the DMARC technology comes shortly after a few of its high-profile accounts, such Jeep and Burger King, suffered malicious attacks.

DMARC allows a sender to mark in their e-mails whether they are protected by SPF and/or DKIM, and notifies the receiver what to do if neither of those authentication methods passes such as send to junk or reject the mail. Technical details with regard to DMARC are available here.
 

Share on FacebookShare on Twitter


Discuss this Story