Browse Definitions :
Definition

Vouch by Reference (VBR)

Vouch By Reference (VBR) is a protocol for adding third-party certification to email. The protocol has two parts, one for the sender and one for the receiver.

The first part of the protocol requires the sender to add information to their email header by creating a field called VBR-Info. The information in the field tells the receiver three things:

  • The sender's domain.
  • The type of content the message contains.
  • A list of domain names for services that the sender expects will vouch for the legitimacy of the email.

The second part of the protocol requires the recipient to compare the list of services VBR-Info provides with a list of services the recipient trusts. The recipient then queries each service that is common to both lists: the service uses information the domain owner has registered with the domain name service (DNS) to determine whether the sender's IP address is legitimate and whether the content type is approved.

If VBR becomes widely adopted, it will provide the recipient with another way to fine-tune spam scores on incoming email and allow the sender to increase the odds that an email will arrive safely in the recipient's inbox. Before the protocol can become successful, however, it must be accepted and deployed by senders, receivers, certification providers, and mail server and anti-spam software vendors.

Read more:

The Vouch by Reference protocol is being promoted by the Domain Assurance Council (DAC).

The Vouch by Reference protocol is RFC 5518.

This was last updated in November 2009

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

SearchCompliance

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

SearchSecurity

SearchHealthIT

SearchDisasterRecovery

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...

SearchStorage

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • business impact analysis (BIA)

    Business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to ...

  • M.2 SSD

    An M.2 SSD is a solid-state drive that is used in internally mounted storage expansion cards of a small form factor.

Close