π¬ What Does DKIM Stand For? β
DKIM stands for DomainKeys Identified Mail.
It is an email authentication method that allows the sender to digitally sign emails using a private key. The receiving server can then verify the emailβs authenticity using the senderβs public key published in DNS.
DKIM helps ensure that the email was not altered in transit and truly comes from the claimed domain.
π How DKIM Works β
- The sender's mail server adds a DKIM-Signature header to the email
- That header includes a hash of the message and metadata, signed using the domain's private key
- The recipient's mail server looks up the public key in DNS (via a TXT record at
selector._domainkey.example.com) - It uses the public key to verify the signature and check the integrity of the email
If the signature matches β DKIM = PASS β
π§ͺ Example DKIM DNS Record β
selector._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA0G..."selectorβ a label that identifies which key to usev=DKIM1β DKIM versionp=...β the base64-encoded public key
β TL;DR β
| DKIM stands for | DomainKeys Identified Mail |
|---|---|
| Used for | Signing outgoing emails to verify authenticity |
| Type of DNS record | TXT at selector._domainkey.yourdomain.com |
| Helps protect against | Tampering and spoofing |
| Works with | DMARC, DNS, SMTP |