Email Authentication: What is DKIM? (Domain Keys Identified Mail)

DKIM makes it clear to mailbox providers that the implied sender of the message truly is the sender of the message.

DKIM (Domain Keys Identified Mail) is simply a signature that any sender can apply to their email messages. The signature makes it clear to mailbox providers (like Gmail, Outlook, AOL, Yahoo and companies you may have B2B relationships with) that the implied sender of the message truly is the sender of the message and not forged.

Any domain can be used as a signature to sign email.

Any domain can be used as a signature to sign an email message. As an example, a company called LaRusso Auto Group will sign their messages with the larussoautogroup.com domain to confirm that the message was actually sent by the company LaRusso Auto Group.

The addition of a signature is accomplished by inserting a hidden cryptographic signature into the headers of your email and then placing a special code (called a public key) on your website that verifies the authenticity of that signature.

Mailbox providers compare the signature in your email's header with the public key on your website.

When your email is received, mailbox providers compare the signature in your email's header with the public key on your website. If they match, that verifies your email as authentic – truly from who it says it's from.

As a quick reminder, setting up DKIM does not guarantee your domain a high email deliverability rate. It's just one of the three most common methods used for email authentication.


Posted: 2021-02-11


TOP