DomainKeys Identified Mail (DKIM) is an email
validation system that detects email spoofing by validating a domain name identity
associated
with a message through cryptographic authentication. In addition, DKIM is used to
ensure the
integrity of incoming messages or ensure that a message has not been tampered with
in
transit.
To ensure the validity and integrity of email messages, DKIM uses a public and
private key pair system. A public and private key pair is created for the sending
domain. The
private key is stored securely on the mail server and used to sign outgoing messages.
The public
key is stored and published in the Domain Name System (DNS). When an email message
is sent, the
mail server uses the private key to digitally sign it, which is a part of the message
header.
When the email message is received, the DKIM signature can be verified against the
public key on
the domain's DNS.
Deep Discovery Email
Inspector implements DKIM
authentication only in the following scenarios:
-
Verifies DKIM signatures for incoming messages from specified sender domains or from all senders.
-
Adds DKIM signatures to outgoing message headers to prevent spoofing only when the value of the
From
field in the message header is the same as the MAIL FROM address (envelope sender).