Browse Definitions :
Definition

Vouch by Reference (VBR)

Vouch By Reference (VBR) is a protocol for adding third-party certification to email. The protocol has two parts, one for the sender and one for the receiver.

The first part of the protocol requires the sender to add information to their email header by creating a field called VBR-Info. The information in the field tells the receiver three things:

  • The sender's domain.
  • The type of content the message contains.
  • A list of domain names for services that the sender expects will vouch for the legitimacy of the email.

The second part of the protocol requires the recipient to compare the list of services VBR-Info provides with a list of services the recipient trusts. The recipient then queries each service that is common to both lists: the service uses information the domain owner has registered with the domain name service (DNS) to determine whether the sender's IP address is legitimate and whether the content type is approved.

If VBR becomes widely adopted, it will provide the recipient with another way to fine-tune spam scores on incoming email and allow the sender to increase the odds that an email will arrive safely in the recipient's inbox. Before the protocol can become successful, however, it must be accepted and deployed by senders, receivers, certification providers, and mail server and anti-spam software vendors.

Read more:

The Vouch by Reference protocol is being promoted by the Domain Assurance Council (DAC).

The Vouch by Reference protocol is RFC 5518.

This was last updated in November 2009
SearchCompliance
  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

SearchSecurity
  • session key

    A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session ...

  • computer forensics (cyber forensics)

    Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular ...

  • multifactor authentication (MFA)

    Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent ...

SearchHealthIT
SearchDisasterRecovery
  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage
  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close