Text Size:  
|
|
Configuring and Administering Your Server >>
SenderID / SPF / DomainKeys
"For people who make websites" - A List Apart Magazine explores the design, development, and meaning of web content, with a special focus on web standards and best practices.
HTML Validator is a Mozilla extension that adds HTML validation inside Firefox and Mozilla. The number of errors of a HTML page is seen in the form of an icon in the status bar when browsing. The details of the errors are seen when looking the HTML source of the page.
The extension is based on Tidy and OpenSP. Both algorithms were originally developed by the Web Consortium W3C. Both algorithms are embedded inside Mozilla/Firefox and makes the validation locally on your machine, without sending HTML to a third party server.
The extension is based on Tidy and OpenSP. Both algorithms were originally developed by the Web Consortium W3C. Both algorithms are embedded inside Mozilla/Firefox and makes the validation locally on your machine, without sending HTML to a third party server.
This project aims to create an archive of user contributed clip art that can be freely used.
Starting at the beginning, this reference explains everything you need to know about using core JavaScript. It assumes you have the following basic background: a general understanding of the Internet and the World Wide Web and a good working knowledge of HTML. An excellent resource.
Edit your images on the fly online with Splashup, a web-based image editor that integrates with Flickr, Facebook, and Picasa. Splashup offers up a surprising array of image editing tools, far beyond the usual crop of resize and contrast-- you can also edit multiple images, play with filters and layers, use a variety of brushes, and more. Splashup is one of the best image editors in a long line of image editors; i.e., Picnik, Pixoh, and Resizr, to name just a few.[Lifehacker Annotation]
This website will let you:
- Create an XML sitemap format that can be submitted to Google to help them crawl your website better.
- Create a Text sitemap to submit to Yahoo.
- Create a ROR sitemap, which is an independant XML format for any search engine.
- Generate an HTML site map to allow human visitors to easily navigate on your site.
Clearspring's free Launchpad widget builder lets you easily turn your website's content into a widget which site visitors can use to place your content on all the major social media sites (MySpace, FaceBook, Google, hi5, Live, Yahoo, Wordpress, Blogger, etc.). The service also provides tracking and analysis.
This site features online text and html changing, modifying, converting tools designed to save you time making web pages or preparing text for web publication. If you've ever needed to capitalize sentences or convert line breaks to <p> or <br /> then this site can save you needless manual labor. There are other useful tools as well, like the one to uncompress html to make it readable and the ones to uppercase or lowercase text. Basically, the most common tasks that someone who works in an office or does freelance web development might encounter. Most of the tools have been created using javascript so you should be able to change large amounts of text as the processing is done on your computer instead of being limited by a server script.
You've downloaded and configured your Apache server and are ready to move on to the next project. Can it really be left to fend for itself in a darkened room?
Yes. To some degree, anyway. On the other hand, completely ignoring your Apache installation would be foolhardy.
Yes. To some degree, anyway. On the other hand, completely ignoring your Apache installation would be foolhardy.
The Wikipedia entry for Sender Policy Framework (SPF).
The Wikipedia entry for DomainKeys.
This article, the first of a two-part series, explains the concepts and trade-offs involved in SPF protection and shows DNS administrators how to set up SPF records.
The Wikipedia entry for SenderID
This server allows you to check the format of any DomainKey, SenderID or SPF records published by your domain and to see the result of these authentication checks on any message you send to it. To use this service, send an email to any address at senderid.espcoalition.org. Once you have sent your message, click the "View Sample" button on the site to see your message results. Note that the results are quite detailed so you could use this site as a general analysis of your email setup as well.
Useful Resources
View all resources
Editor Favorites
- A List Apart
- HTML Validator Firefox Plugin
- Open Clip Art Library
- Core JavaScript Guide: Version 1.5
- Splashup
- XML Sitemaps Generator
- Clearspring Launchpad
- Text Fixer
Other Resources
- Apache Maintenance Basics
- Wikipedia SPF Entry
- Wikipedia DomainKeys Entry
- SPF Overview
- Wikipedia SenderID Entry
- SenderID/SPF/DomainKeys Test Server
Links to Consider
Sender Policy Framework (SPF)
SPF is an emerging mail server standard that aims to prevent forged e-mail addresses. For SPF to work, two parties must participate. First, webmasters/administrators for domains that wish to send email need to publish DNS SPF records. These records indicate the server(s) from which a domain sends mail. Any mail coming from a different server is to be considered forged. Second, e-mail administrators (typically for a web hosting firm or large email provider like Google, Yahoo! or an ISP) need to install SPF-enabled message transfer agents (MTAs[1]) to read SPF records. For reference, the primary resource for all things SPF related is the openspf.org site.SenderID
The Sender ID Framework (SIDF) is an e-mail authentication solution that helps identify and block forged and deceptive e-mail. The standard is spearheaded by Microsoft in collaboration with other industry leaders, Internet service providers (ISPs), and organizations worldwide. SIDF combines the Sender Policy Framework (SPF) and Microsoft Caller ID for E-Mail in an integrated, no-cost authentication solution that does not require any third party software licenses. So, basically, SenderID is like SPF with a few additions.DKIM (DomainKeys Identified Mail)
DKIM (DomainKeys Identified Mail) is an open-standard, signature-based email authentication system spearheaded by Yahoo! in collaboration with AOL, Microsoft, IBM, Verisign, Sendmail and other leading companies. DomainKeys essentially gives email providers a mechanism for verifying both the domain of each email sender and the integrity of the messages sent (i.e., that they were not altered during transit). Under this system, the domain owner generates a public/private key pair to use for digitally "signing" all outgoing messages. The public key is published in your DNS record, and the private key is made available to your DomainKey-enabled outbound email servers. When an email is sent, these keys generate a digital signature that is appended to the email header. On the receiving end, all information is verified to authenticate the email. DKIM does not eliminate or compete with other email authentication technologies such as SPF or Sender ID Framework; it is a sophisticated secondary level of defense. This site will tell you how to start the process of getting your DKIM keys. Read more at the Yahoo! Anti-Spam Resource Center.Miscellaneous Thoughts
Clearly something needs to be done about spam and phishing. Just how useful the methods described above are is debatable, but one thing that must be pointed out is that identity verification cannot actually eliminate spam or phishing problems. That is because a spammer can adhere to any of the identity verification schemes. Likewise, spam that is generated by worms or bot networks will be indistinguishable from legitimate email if the infected source has adopted an identity verification scheme. For more criticisms of the SPF scheme, an interesting, if a bit technical, article is SPF is harmful. Adopt it.
[1] An MTA is the program responsible for receiving incoming e-mails and delivering the messages to individual users. The MTA is commonly referred to as the mail server program. UNIX sendmail and Microsoft Exchange Sever are two examples of MTAs.
| Text Size:
|
|
TrackBack URI
