What is DKIM?
DKIM means DomainKeys Identified Mail and is used to identify the email being sent. Just as SPF, DKIM is an open standard to email authentication which is used for DMARC alignment. The DKIM record exists in DNS but it is a little more complicated than SPF. The DKIM benefit lies in the fact that it can perform email forwarding and this makes it better than SPF.
How does it work?
DKIM sets signature-headers to emails, they are added to the email and are secured by means of encryption. Such a signature is a so-called tamper resistance and helps to verify the email came from the stated domain and has not been tampered with on its way.
The mail servers are configured in distinct a way to be able to use DKIM. They attach a special signature to the sent emails. These signatures are traveling along with the email and being verified by all mail servers in that “dispatching chain”.
What does DKIM signature mean?
Each DKIM signature contains all the necessary information for a server to verify it is real. The signature is encrypted with a pair of DKIM keys. The originating mail server contains a so-called “secret key”. The key can be verified by the receiving email server or Internet provider who has the second part of the key - the “public DKIM key”.
Do you need to use DKIM for emails?
DKIM major benefits
- Fully protects the email integrity. Its content can be checked that it wasn’t changed on the way.
- It increases the domain’s reputation and the quantity of successfully delivered emails.
- It is one of the fundamental email authentication methods for DMARC.