DKIM (DomainKeys Identified Mail)
DKIM (Domain Keys Identified Mail) is an email authentication process that allows a mail server receiving incoming mail to verify that a specific message has actually been sent from an associated email address. DKIM exists to prevent spoofed mail, spam, or malicious emails from being received by an email server if they cannot be properly identified as coming from the actual sending domain.
How Does DKIM Work?
Once you properly set up DKIM under your DNS settings, all outgoing mail you send out will contain an encrypted, digital signature in the header of your email. This signature is then used by mail servers to determine that
-
The body and title of this email address haven’t been modified since being sent.
-
This email address has been sent from the domain associated with the email address (I.E: DKIM will determine that the email address johndoe@acme.com did indeed send their message from the email server located at acme.com)
DKIM works in tandem with DMARC and SPF records to provide an all encompassing way to determine the validity of incoming mail, ensuring that any mail that gets accepted by a mail server is indeed authentic and not spoofed.
Why Should I Implement DKIM?
Implementing DKIM alongside other security mail protocols such as DMARC and SPF will increase your deliverability rating as well as keep your mail server safe from malicious attacks and damaging spam mail.