DKIM
DKIM stands for DomainKeys Identified Mail and is used to authenticate sent e-mails. DKIM adds a kind of "signature" to the header of the e-mail. This signature header is cryptographically secured and acts as a tamper-proof seal. Using this seal, it is possible to verify that the e-mail actually comes from the domain indicated. E-mail servers that use DKIM are configured to attach these signatures to outgoing e-mails, so every message that is sent carries one. En route to the recipient, e-mail servers verify the signatures to prevent fraud.
Benefits of DKIM use
Implementing DKIM offers great benefits for e-mail:
- Message integrity is protected by being able to check that the content of the email has not been modified during transmission
- Email deliverability and domain reputation are increased
- It is one of the basic DMARC* methods for email authentication
*DMARC stands for Domain-based Message Authentication, Reporting and Conformance, a free and open platform for email authentication. By itself, DKIM is not a reliable method to verify the identity of the sender. To prevent spoofing (counterfeiting) of the visible domain in the e-mail header, DMARC is also required. DMARC ensures that the domain the end user sees is the domain that was validated. The same applies to SPF validation.
What is the DKIM signature?
The DKIM signature contains all the information an e-mail server needs to verify it. Based on this information, the server can check whether the signature is genuine, and also whether it was created with the matching key pair. For this, the original e-mail server (the sender) holds a so-called private key. Receiving e-mail servers use the "public key" (the other half of the key pair) to verify the DKIM signature.