Authentication
DKIM
DomainKeys Identified Mail. An email authentication method using cryptographic signatures to verify sender identity.
Definition
DKIM (DomainKeys Identified Mail) is an email authentication method that allows senders to attach a digital signature to their messages. The receiving server verifies this signature against a public key published in the sender's DNS records. If the signature is valid, it confirms the email hasn't been modified in transit and originated from an authorized sender. DKIM is one of the three pillars of email authentication alongside SPF and DMARC.
Examples
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=selector1; ...
Pro Tip
Use 2048-bit keys for DKIM signatures - 1024-bit keys are now considered less secure.