Difference between revisions of "Glossary"

From DMARC Wiki
Jump to navigation Jump to search
m
m (D)
Line 29: Line 29:
 
;{{anchor|DK}}DomainKeys (DK)
 
;{{anchor|DK}}DomainKeys (DK)
 
:'''Domain Keys''', or '''DK''', is a signature-based [[#Email_Authentication|Email Authentication]] technique originally created by Yahoo!. It is documented in [https://tools.ietf.org/html/rfc4870 RFC4870], but note that it has been superseded by [[#DKIM|DKIM]]. More information is available through [https://en.wikipedia.org/wiki/DomainKeys Wikipedia], or from [http://web.archive.org/web/20071018075018/http://antispam.yahoo.com/domainkeys/ Yahoo's description] (via Archive.org).
 
:'''Domain Keys''', or '''DK''', is a signature-based [[#Email_Authentication|Email Authentication]] technique originally created by Yahoo!. It is documented in [https://tools.ietf.org/html/rfc4870 RFC4870], but note that it has been superseded by [[#DKIM|DKIM]]. More information is available through [https://en.wikipedia.org/wiki/DomainKeys Wikipedia], or from [http://web.archive.org/web/20071018075018/http://antispam.yahoo.com/domainkeys/ Yahoo's description] (via Archive.org).
 +
  
 
;{{anchor|DKIM}}DomainKeys Identified Message (DKIM)
 
;{{anchor|DKIM}}DomainKeys Identified Message (DKIM)
Line 40: Line 41:
 
;{{anchor|Domain_Owner}}Domain Owner
 
;{{anchor|Domain_Owner}}Domain Owner
 
:This term refers to the person or organization that currently holds a given Internet domain according to the relevant registrar. Note that the '''Domain Owner''' may engage or allow another entity to manage or operate the domain, on their behalf or for their own purposes. Therefore in the context of email, the '''Domain Owner''' is not necessarily the same as the [[#ADMD|ADMD]], [[#Message_Receiver|Message Receiver]], or [[#Message_Sender|Message Sender]] for that domain.
 
:This term refers to the person or organization that currently holds a given Internet domain according to the relevant registrar. Note that the '''Domain Owner''' may engage or allow another entity to manage or operate the domain, on their behalf or for their own purposes. Therefore in the context of email, the '''Domain Owner''' is not necessarily the same as the [[#ADMD|ADMD]], [[#Message_Receiver|Message Receiver]], or [[#Message_Sender|Message Sender]] for that domain.
 
 
  
 
==E==
 
==E==

Revision as of 08:03, 17 July 2015



A

Administrative Management Domain (ADMD)
The term Administrative Management Domain, more commonly shortened to ADMD, is used in many standards and related publications related to email. It refers to a single entity operating one or more computers within one or more Internet domain names under said entity's control. One example might be a small company with a single server handling email for that company's single domain. Or an ADMD might refer to a university operating many servers that fulfill differen roles, across different networks, all handling email for several different domains used by different groups within the university.


Anti-Spam
Referring to something which identifies and/or filters out messages believed to be spam. See also: Spam


B

Blocking policy
A common shorthand referring - in an email authentication context - to a DMARC policy that results in unauthorized messages not being allowed to reach the inbox. The policy may be "p=quarantine" or "p=reject" in this case.


C

D

DomainKeys (DK)
Domain Keys, or DK, is a signature-based Email Authentication technique originally created by Yahoo!. It is documented in RFC4870, but note that it has been superseded by DKIM. More information is available through Wikipedia, or from Yahoo's description (via Archive.org).


DomainKeys Identified Message (DKIM)
Domain Keys Identified Message, or DKIM, is a signature-based [#Email_Authentication|Email Authentication]] technique. It is the result of merging the DomainKeys and Identified Internet Mail specifications, and has been published as a Standards Track document by the IETF as RFC4871 in 2007, and updated as RFC6376 in 2011. More information is available from DKIM.org or Wikipedia.


Domain-based Message Authentication, Reporting, and Conformance (DMARC)
DMARC is a technical specification that allows Message Senders and Message Receivers to cooperate and thereby better detect when messages don't actually originate from the Internet domain they claim to have been sent from. It does this by allowing the Domain Owner to indicate they are using email authentication on the messages they send, optionally requesting that messages that fail to authenticate be blocked. Message Receivers honor these requests (unless there is a local policy overriding this action), and send reports on all the messages - whether or not they pass email authentication - to the Domain Owner. For more information please review the DMARC Overview. The specification has been published as an Informational document by the IETF as RFC7489.


Domain Owner
This term refers to the person or organization that currently holds a given Internet domain according to the relevant registrar. Note that the Domain Owner may engage or allow another entity to manage or operate the domain, on their behalf or for their own purposes. Therefore in the context of email, the Domain Owner is not necessarily the same as the ADMD, Message Receiver, or Message Sender for that domain.

E

Email Authentication
Email Authentication refers to any technique that helps detect when messages don't actually originate from the Internet domain they claim to have been sent from.


Email Service Provider (ESP)
An Email Service Provider is typically a vendor or service bureau that sends messages on behalf of other organizations. They may use email addresses in Internet domains belonging to their client, or from their own domain(s), in various fields during the SMTP conversation (see RFC5321) or in the message headers (see RFC5322). They are sometimes referred to as Third Party Senders.


F

G

H

I

J

K

L

Local Policy or Local Policy Override
In the context of DMARC, the term Local Policy refers to any internal policy or reason a Message Receiver may have for not enforcing a Blocking Policy published by the Domain Owner for a particular message. It is often indicated as a message like "local policy override" for messages that failed Email Authentication but were never not blocked - for example, because they were received from a mailing list operator that is known to the message receiver.


M

Mailflow
A group of messages that share some feature or characteristic in common. Typical examples would be all messages sent by a company to it's customers, between two companies or departments, from members of a mailing list to each other, or between two individuals.


Malicious Actor
A party that takes actions detrimental to the sender or receiver of messages, an organization, or the Internet at large. It is a fairly broad term because the number of malicious things that can be done with, to, or through email is rather large and difficult to document. A Spammer might be referred to as a Malicious Actor; somebody who phishes, or sends messages that seek to infect or subvert computers and/or networks would definitely fall under this category.


Malicious Content
Anything in a message that will do harm to the Recipient, or the computer and networks they use, may be referred to as Malicious Content. This typically includes the various ways of including viruses and similar content in an email message, but sometimes the term may be used to refer to messages which include a mechanism that might lead the Recipient to take some action that would lead to such content, like a link in the message that leads to a website that delivers code intended to compromise the web browser. Malicious Content is often referred to as malware.


Message Receiver
In the transmission of an email message from one ADMD to another, this is the organization receiving the message on behalf of the intended recipient or end user. The Message Receiver may do this because the intended recipient utilizes mailbox services offered by the Message Receiver (Comcast, GMail, etc), or because they are an employee or member of the organization and have therefore been provided with a mailbox.


Message Sender
In the transmission of an email message from one ADMD to another, this is the organization sending the message on behalf of the Originator or end user.


N

O

Originator
The Originator is the author of a given email message. In different contexts it may refer to the end-user, application, or service that created the message; or to the ADMD providing email services to that party.


P

Policy Override
See Local Policy.


Q

R

Reputation
In this context Reputation refers to various systems whereby a Message Receiver, or a vendor providing a Reputation Service, may track the past actions of an Originator or Message Sender in order to predict the likelihood that a message their receive from this entity in future may be Spam or contain Malicious Content.


S

Sender ID (SID)
Sender-ID is a path-based [#Email_Authentication|Email Authentication]] technique. It was the result of merging the SPF and Microsoft's CallerID specifications, and has been published as an Experimental document by the IETF as RFC4407 in 2006. Sender ID saw limited deployment on the Internet, and is generally not used for new deployments. More information is available from Wikipedia.


Sender Policy Framework (SPF)
Sender Policy Framework, originally Sender Permitted From, is a path-based [#Email_Authentication|Email Authentication]] technique. It was published as a Experimental document by the IETF as RFC4408 in 2006, and updated as a Standards Track document as RFC7408 in 2014. More information is available from OpenSPF.org or Wikipedia.


Spam
Uninvited, unsolicited, and unwelcome email messages are commonly referred to as Spam. They are very often commercial in nature, but the term is used to refer to the fact that these messages are typically sent in large numbers to recipients who never asked for them and do not want them. The history of the term and information about the practice can be found on Wikipedia.


T

U

V

W

X

Y

Z