What is DKIM?

/
What is DKIM?

DKIM is the acronym for “DomainKeys Identified Mail“. It’s an email authentication framework whose major intent is to allow a receiving server to validate that the mail they received was the one that was originally sent. 

So DKIM can, for example, validate whether or not something changed within the email, for example it may have got intercepted along the way and then resent from someone else, or a virus was attached to it.

Understanding how DKIM works means understanding how a checksum – or digital signature – works. With a checksum, the email sender scans the text of the email, runs it through an equation and returns a number. When the receiving server gets that mail, they can run the text through the same equation, and see if the number they get is the same as the original. 

In that way, the receiver can validate that the copy of the email is the same as a sender’s.

With DKIM, the sending server puts a signature in the header of the email message when it is sent – much like a signature on a letter that validates that it has been read and approved by the sender.

Through encryption technology, the receiver then decrypts and analyses that signature and runs it through the public key. If the values match, then the content of the email can be verified as original and not altered in any way. 

On the other hand, if the content gets intercepted or changed in transit, that digital signature checksum will fail.

Thanks to DKIM in place, the receiver can finally validate that this was the same mail that was originally sent.

While many mail providers use DKIM by default, others may need it to be manually implemented. While it has been shown to be effective, it still has flaws, including:

DKIM Diagram
  • Both the sender and the receiver of the mail must support DKIM or the information is ignored. And because it can be difficult to implement, not all senders implement it – so no DKIM signature doesn’t necessarily mean that the mail has been altered.
  • Emails with a valid signature can be forwarded from another email address, which may be fraudulent.
  • DKIM does not look at the content of the mail, only whether it is the same mail that was sent originally, which means spam content could still pass through. For this reason, DKIM does nothing to prevent spoofing of the email from another sender.
Actively Block 
Phishing
Spoofing
 Attacks

Protect your email today. Contact us for a free one-month trial.