What is DKIM?

DomainKeys Identified Mail (DKIM) is a method of verifying the authenticity of an email message. It works by adding to the header of the email message a digital signature that is associated with the domain of the sender. When the recipient's email server receives the message, it can use the sender's public key to verify the signature and confirm that the message was actually sent by the domain it claims to be sent from.

This helps to protect against spam and phishing attacks, as well as other types of email fraud. It also helps to ensure that the email message has not been tampered with during transit.

Here's how DKIM works in more detail:

  1. The sender's email server signs the email message using a private key. The private key is known only to the sender and is used to create the digital signature.

  2. The digital signature is added to the header of the email message in the form of a DKIM-Signature field. The DKIM-Signature field includes information about the message, the domain of the sender, and which public key will be used to verify the signature. The field identifies the key; it does not carry the key itself.

  3. The email message is transmitted to the recipient's email server.

  4. The recipient's email server retrieves the public key for the sender's domain from a public repository or from a DNS record.

  5. The recipient's email server uses the public key to verify the digital signature on the message. If the signature is valid, it means that the message was sent by the domain it claims to be sent from and that the message has not been tampered with during transit.

  6. If the signature is not valid, it may indicate that the message is spam, a phishing attempt, or otherwise fraudulent. The recipient's email server can then take appropriate action, such as marking the message as spam or rejecting it.

By adding a digital signature to the email message and verifying it at the recipient's end, DKIM helps to ensure the authenticity and integrity of the message. It also helps to protect against spam and phishing attacks, as well as other types of email fraud.
