DomainKeys Identified Mail, or DKIM, is a method for checking the genuineness of an email message using an e-signature. When DomainKeys Identified Mail is enabled for a given domain, a public encryption key is published to the global DNS system and a private one is stored on the mail server. If a new email message is sent, a signature is generated using the private key and when the email is received, the signature is authenticated by the incoming POP3/IMAP server using the public key. Thus, the recipient can easily tell if the email is genuine or if the sender’s email address has been spoofed. A mismatch will appear if the content of the email has been changed in the meantime as well, so DKIM can also be used to ensure that the sent and the received email messages are identical and that nothing has been attached or deleted. This email authentication system will enhance your email safety, since you can validate the authenticity of the important emails that you get and your partners can do the same with the email messages that you send them. Depending on the given email service provider’s policies, an email that fails to pass the test may be erased or may appear in the receiver’s mailbox with a warning symbol.
