DomainKeys Identified Mail

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email (email spoofing), a technique often used in phishing and email spam.

DKIM allows the receiver to check that an email that claimed to have come from a specific domain was indeed authorized by the owner of that domain.^[1] It achieves this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS. A valid signature also guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed.^[2] Usually, DKIM signatures are not visible to end-users, and are affixed or verified by the infrastructure rather than the message's authors and recipients.

DKIM is an Internet Standard.^[3] It is defined in RFC 6376, dated September 2011, with updates in RFC 8301 and RFC 8463.

^ Tony Hansen; Dave Crocker; Phillip Hallam-Baker (July 2009). DomainKeys Identified Mail (DKIM) Service Overview. IETF. doi:10.17487/RFC5585. RFC 5585. Retrieved 6 January 2016. Receivers who successfully verify a signature can use information about the signer as part of a program to limit spam, spoofing, phishing, or other undesirable behaviors. DKIM does not, itself, prescribe any specific actions by the recipient; rather, it is an enabling technology for services that do.
^ Dave Crocker; Tony Hansen; Murray S. Kucherawy, eds. (September 2011). "Data Integrity". DomainKeys Identified Mail (DKIM) Signatures. IETF. sec. 1.5. doi:10.17487/RFC6376. RFC 6376. Retrieved 6 January 2016. Verifying the signature asserts that the hashed content has not changed since it was signed and asserts nothing else about "protecting" the end-to-end integrity of the message.
^ Crocker, D.; Hansen, T.; Kucherawy, M. (September 2011). "DomainKeys Identified Mail (DKIM) Signatures". RFC Editor. ISSN 2070-1721. Retrieved 30 March 2020.

[:0-1] Tony Hansen; Dave Crocker; Phillip Hallam-Baker (July 2009). DomainKeys Identified Mail (DKIM) Service Overview. IETF. doi:10.17487/RFC5585. RFC 5585. Retrieved 6 January 2016. Receivers who successfully verify a signature can use information about the signer as part of a program to limit spam, spoofing, phishing, or other undesirable behaviors. DKIM does not, itself, prescribe any specific actions by the recipient; rather, it is an enabling technology for services that do.

[rfc6376-data_integrity-2] Dave Crocker; Tony Hansen; Murray S. Kucherawy, eds. (September 2011). "Data Integrity". DomainKeys Identified Mail (DKIM) Signatures. IETF. sec. 1.5. doi:10.17487/RFC6376. RFC 6376. Retrieved 6 January 2016. Verifying the signature asserts that the hashed content has not changed since it was signed and asserts nothing else about "protecting" the end-to-end integrity of the message.

[Crocker_Hansen_Kucherawy-3] Crocker, D.; Hansen, T.; Kucherawy, M. (September 2011). "DomainKeys Identified Mail (DKIM) Signatures". RFC Editor. ISSN 2070-1721. Retrieved 30 March 2020.

[1]

[2]

[3]

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

DomainKeys Identified Mail

Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us by disabling your ad blocker.