E-mail Authentication (DKIM) - Google Apps Setup

If you use Google Apps for your business e-mail, you should consider setting up e-mail authentication (DKIM).  Many major ISPs use this form of authentication to help determine if your message is really coming from your organization, improving your chances of delivery.

If you're familiar with the Google Apps admin interface, this should be fairly easy to setup.  It's not always obvious where to find these settings, so I've created a step-by-step outline of what to do.

How DomainKeys Identified Mail (DKIM) works:

Your outgoing mail server uses a private key to generate a digital signature and embeds that signature in your message.  The recipient's mail server grabs the public key from DNS and uses that public key to verify your signature.

Step 1:

Login to your Google apps admin console and click on the Google Apps icon.

Step 2:

Select Gmail.

Step 3:

Select Authenticate email.

Step 4:

Under Authenticate email, select the domain you want to authenticate.  The current status next to the domain will be Not authenticating email.

Click on the Generate new record link.

Step 5:

In the pop-up box, the Prefix selector will default to the word Google.  You can use any prefix, but leaving the default is fine.

Click the Generate button.

Step 6:

Copy the key.

Step 7:

Create a new TXT record for your domain.  In this example, we're creating a new TXT record for Google._domainkey.hedgehoghosting.net

If you don't manage your own DNS, ask your provider to create a TXT record for the hostname Google._domainkey using the key you just generated.

Step 8:

After your TXT record has been created, click on the Start authentication button.  You should now see Status: Authenticating Email next to your domain name.

That's it.  Your e-mails will now have a digital signature that all DKIM enabled mail servers can use to authenticate your message.

What keeps Hedgehog competitive in today's ever changing hosting marketplace

As the team at Hedgehog continues to examine large cloud hosting providers such as Google and Amazon Web Services, we find that despite all the buzz they get, our services remain better suited for the needs of high-end, security minded hosting clients similar to the environments that we currently host.

We know that the big differentiator is the level of customized service and support you get from these different companies.  But taking that a step further, we know that each of these companies react to challenges in markedly different ways. And it is in these cases where companies like Hedgehog rise above.

We see this most evidently with regards to security.  Companies like Google and Amazon are so large that they function at a level that is sometimes counter to the needs of the individual client.  For example, if you have a site that allows your users to share articles and that particular piece of code or functionality is not properly locked down, it could become compromised and a malicious person could use your forms to send spam.  Generally, this will cause your provider to be alerted and can lead to the blacklisting of IP addresses or the shutdown of services.

In order to service their volume of clients, large companies have had to automate these processes to simply block certain traffic when they think there may be a problem. In the case of spam e-mails being sent, that may just mean the blocking of e-mail or it could mean the suspension of all implicated services until the root problem can be identified and rectification can be made.  Unfortunately, where each client's architectures are not physically separate, one client’s services could be suspended because of a problem with another client. This possibility becomes even more dramatic in cases when the government must confiscate equipment for legal proceedings. What happens when client services are shared across physical equipment?

The equipment and the infrastructure are obviously core features of the hosting business.  Many companies in this larger cloud arena say that economy of scale, with regards to the equipment, is what matters the most.  The idea is that more equipment leveraged across their entire network will mean lower prices for the end user.   Hedgehog's clients know that the team of people, that keep them up and running is the real differentiator.  We know the ins and outs – including the history – of each architecture so if a problem does occur with one client, we can identify it and help them fix it – not simply automatically suspend service. Hedgehog also maintains individual client clouds – often called virtual clouds or silo'ed clouds – that are physically separate from our other clients’ environments, in an attempt to mitigate issues ensuring that one client's operations do not impact any other clients operations.

We feel that this higher level of service will never cease to be needed no matter how technologically advanced the underlying equipment and infrastructure become. After 13 year in business, Hedgehog feels that the foundation that our company was built on is still relevant in today's hosting industry.  Clients first!

Why is ECPA reform so important?

The Electronic Communications Privacy Act was established in 1986 and as you can imagine the technology of the day in 1986 was much different than the technology of today.  Just like computers, our laws need to be checked regularly to make sure they are operating at peak efficiency.

Hedgehog Hosting, along with the i2Coalition, is working hard to ensure that our elected officials get this right.  If we do not get a good markup of this Act we fear that US based hosting companies will lose our ability to compete globally.  Moreover, we know that it will be very hard to operationalize the process needed to work effectively with agencies when there is a need to.

While there are many other points that can be brought up with regards to ECPA, the key issue for Hedgehog is the 4th Amendment protections of our customer's data.  Anything that lessens our ability to say that we will fully protect the privacy of our client's data under these already established rights is not something that we will support.  We take this responsibility very seriously, and as in the past with SOPA and PIPA, we will make our voices heard to ensure that ECPA reform will be prudent for today's Internet standards.

Hedgehog Hosting will stand with other like-minded companies on March 5th at the i2Coaltion's Internet Education Day on Capitol Hill to discuss how small to medium businesses can strike the right balance between safety and privacy while fostering the growth of the Internet ecosystem as a whole.  If you are interested in learning more visit the i2coalition website and follow us on Twitter @HedgehogHosting.