DomainKeys Identified Mail (DKIM) is an email validation system that detects email spoofing by validating a domain name identity associated with a message through cryptographic authentication. In addition, DKIM is used to ensure the integrity of incoming messages or ensure that a message has not been tampered with in transit.
To ensure the validity and integrity of email messages, DKIM uses a public and private key pair system. A public and private key pair is created for the sending domain. The private key is stored securely on the mail server and used to sign outgoing messages. The public key is stored and published in the Domain Name System (DNS). When an email message is sent, the mail server uses the private key to digitally sign it, which is a part of the message header. When the email message is received, the DKIM signature can be verified against the public key on the domain's DNS.
Deep Discovery Email Inspector implements DKIM authentication only in the following scenarios:
-
Verifies DKIM signatures for incoming messages from specified sender domains or from all senders.
-
Adds DKIM signatures to outgoing message headers to prevent spoofing only when the value of the "From" field in the message header is the same as the MAIL FROM address (envelope sender).