Email Help

WHAT IS DOMAIN KEYS IDENTIFIED MAIL?

Domain Keys Identified Mail (DKIM) is a signature/cryptography-based email authentication framework that provides a method for validating an identity that is associated with an email message during the time it is transferred over the Internet. It provides email users with an additional level of protection against email forgery, a tactic often used in phishing attacks.

The DKIM base specification, which defines Internet scale email authentication, has been approved as a proposed Internet Standard (RFC 4871) by the Internet Engineering Task Force.

HOW DOES DKIM WORK?

DKIM places a signature on the email header, this includes 3 related fields:

• A digital signature
• A definition of the fields over which the digital signature was calculated
• The sending domain

DKIM publishes the public key and policies of the sending organization to the Domain Name System (DNS). The receiving organization verifies the DKIM signature by comparing it with the sender’s public key made available through DNS.

After a DKIM signature has been placed on a message and the message is sent to the recipient, an agent in the ADMD (Administrative Management Domain), which is a public e-mail service, will usually validate the signature. In actual fact, any functional component in the message transit path can validate the signature. All in all the recipient end-user does not have to make any validations, instead the recipients ADMD's filtering software will do that.

WHAT BENEFITS WILL DKIM PROVIDE FOR MY EMAIL?

Authenticated email means trusted messaging – your receiver will know that the messages they receive are legitimate. It provides users with protection against forgery and fraud, gives brands protection by giving their customers assurance of the legitimacy of the emails they receive, and directly addresses today’s phishing and spamming problems.

**Source: http://www.sendmail.org