DKIM: The Vision of the Future
Today, the DKIM technology is new and most messages are not signed. Senders that sign and mail to recipients that verify will both experience immediate improvements, but in the short run most received messages will not be signed. This early situation allows the recipients to “filter in” good, signed mail to reduce the false positive rate (good messages misclassified as dangerous or junk), but won't help very much at reducing the false negative rate (bad messages misclassified as good). But this is a short-term problem.
As legitimate senders start signing, a larger and larger percentage of the legitimate messages you receive will be signed, and unsigned messages will look more and more suspicious. That lets us be even pickier than we have been about how “spammy” a message can appear before we accept it (that is, we can increase the sensitivity of the content filter). Look at it this way: suppose 90% of the messages sent to you are garbage you don't want and 10% are good. If 1000 messages a day come in for you, 900 of them are garbage and 100 are wanted. But your existing content filters aren't perfect, so mistakes are made. Suppose your filter is 99.99% accurate on good mail (one good message in every ten thousand is incorrectly classified as spam) and 99% accurate on bad mail (one spam message in every hundred is misclassified as good). Then nine spam messages each day will make it into your mailbox, and you'll lose one good message every hundred days.
Now suppose that with DKIM we can immediately route 90% of your good mail (90 messages per day) into your inbox without further filtering, because it carries a valid signature from a domain you already trust. (A valid signature by itself only tells you which domain signed, not that the message is wanted; the trust decision about that domain is still yours.) Then only 10 good messages per day need to be screened by the content filter rather than 100, so you'll lose only one good message every 1000 days. Of course, you'll still be getting 9 spam messages each day, since the spam is not signed by a domain you trust and still faces the same filter.
But now, because of the very low loss rate for good messages, we can increase the sensitivity of the content filter. Suppose you tune it to catch 99.9% of all bad mail, at the cost of being only 99.95% accurate on good mail. Without DKIM you would see less than a single spam message per day (0.9 on average), but you would lose a good message once every twenty days. With DKIM you would still be under one spam message delivered per day, and would lose only one good message every 200 days. Compared with the original untuned, unsigned setup, bad mail is reduced by a factor of ten while misclassifications of good mail are cut in half. These numbers are based on approximations of what I've seen in the field, but they will certainly be different depending on what sort of spam you receive, what filtering software you run, and who you correspond with.
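As an added example (not code from the original article), here is the “filter in” policy and the error-rate arithmetic above written out in Python. It assumes the DKIM verifier is a separate step that records its verdict in an Authentication-Results header (RFC 8601) under our own authserv-id, and that we keep a small allowlist of signing domains we already trust. The authserv-id, the allowlisted domains and the header lines are constructed for illustration; the rates and volumes are the ones used in the text.

```python
"""Added example, not the article's own code: a DKIM-aware 'filter in'
triage policy plus the false-positive / false-negative model.

Assumptions (mine): our verifier writes an Authentication-Results header
with authserv-id OUR_AUTHSERV_ID, and TRUSTED_SIGNERS is a constructed
allowlist of signing domains (the DKIM d= tag) whose mail skips the
content filter. All domains and header lines below are made up."""

import re
from typing import Dict, Set, Tuple

# Only results carrying our own authserv-id are trusted: anyone can add
# an Authentication-Results header upstream, so the border MTA must strip
# inbound headers that claim this id before our verifier adds its own.
OUR_AUTHSERV_ID = "mx.example.net"

# A dkim=pass only proves which domain signed; deciding that the domain
# is benign is a separate, local policy decision (hence the allowlist).
TRUSTED_SIGNERS = {"bank.example", "payroll.example"}


def dkim_pass_domains(auth_results: str) -> Set[str]:
    """Signing domains with dkim=pass in an A-R header written by our verifier.

    Returns an empty set when the header is missing, was written by a
    different authserv-id, or records no passing DKIM signature.
    """
    fields = [f.strip() for f in auth_results.split(";")]
    authserv = fields[0].split()[0].lower() if fields and fields[0] else ""
    if authserv != OUR_AUTHSERV_ID:
        return set()
    domains = set()
    for resinfo in fields[1:]:
        # resinfo looks like: dkim=pass (optional comment) header.d=... header.i=...
        m = re.match(r"dkim=(\w+)(.*)", resinfo, re.IGNORECASE | re.DOTALL)
        if not m or m.group(1).lower() != "pass":
            continue
        d = re.search(r"header\.d=([\w.-]+)", m.group(2), re.IGNORECASE)
        if d:
            domains.add(d.group(1).lower())
    return domains


def triage(headers: Dict[str, str], spam_score: float, threshold: float) -> str:
    """The 'filter in' policy: mail signed by a trusted domain goes straight
    to the inbox; everything else is judged by the content filter's score,
    which can then be tuned more aggressively."""
    signers = dkim_pass_domains(headers.get("Authentication-Results", ""))
    if signers & TRUSTED_SIGNERS:
        return "inbox"
    return "junk" if spam_score >= threshold else "inbox"


def expected_daily_errors(volume: float, spam_fraction: float,
                          good_fp_rate: float, spam_fn_rate: float,
                          signed_good_fraction: float) -> Tuple[float, float]:
    """Expected (spam reaching the inbox, good mail lost) per day.

    good_fp_rate: share of good mail the content filter wrongly junks.
    spam_fn_rate: share of spam the content filter wrongly passes.
    signed_good_fraction: share of good mail that is trusted-signed and
      therefore bypasses the content filter. Spam signed by a trusted
      domain is taken to be zero, as in the article's arithmetic.
    """
    spam = volume * spam_fraction
    good = volume - spam
    spam_in_inbox = spam * spam_fn_rate
    good_lost = good * (1.0 - signed_good_fraction) * good_fp_rate
    return spam_in_inbox, good_lost


if __name__ == "__main__":
    # The four scenarios from the text: 1000 messages/day, 90% spam.
    for label, fp, fn, signed in [
        ("untuned, no DKIM", 0.0001, 0.01, 0.0),
        ("untuned, DKIM", 0.0001, 0.01, 0.9),
        ("tuned, no DKIM", 0.0005, 0.001, 0.0),
        ("tuned, DKIM", 0.0005, 0.001, 0.9),
    ]:
        spam_in, lost = expected_daily_errors(1000, 0.9, fp, fn, signed)
        print(f"{label:18s} spam/day={spam_in:.3f} good lost/day={lost:.4f} "
              f"(one lost every {1 / lost:.0f} days)")
```

The two checks a practitioner should not skip are both in `dkim_pass_domains`: the authserv-id comparison (with the matching header-stripping rule at the border MTA), and the allowlist intersection in `triage`. Without the first, a sender can forge a passing result; without the second, any spammer who signs with a throwaway domain would bypass the content filter.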
Ultimately, when DKIM is very widely deployed and authenticated mail becomes the norm, some recipients may choose to discard unauthenticated messages. When senders must reliably identify themselves in order to ensure that their messages get through, we will enter the age of email accountability. Of course, some spam and phishing will continue to occur through stolen accounts, virus-infected computers, and from new domains whose reputation has not caught up with them. However, we can expect the volume of bad messages to be reduced substantially when DKIM authentication becomes the norm for all email.