DomainKeys Identified Mail
DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. It allows the receiver to check that an email claimed to come from a specific domain was indeed authorized by the owner of that domain.
It is intended to prevent forged sender addresses in emails, a technique often used in phishing and email spam.
Description
In technical terms, DKIM lets a domain associate its name with an email message by affixing a digital signature to it. Verification is carried out using the signer's public key published in the DNS. A valid signature guarantees that some parts of the email (possibly including attachments) have not been modified since the signature was affixed.
Usually, DKIM signatures are not visible to end-users, and are affixed or verified by the infrastructure rather than message's authors and recipients. In that respect, DKIM differs from end-to-end digital signatures.
See also
- Author Domain Signing Practices
- Domain-based Message Authentication, Reporting and Conformance (DMARC)
- DomainKeys
- E-mail authentication
- OpenPGP
- S/MIME
- Sender Policy Framework (SPF)
- Vouch by Reference
External links
- DomainKeys Identified Mail @ Wikipedia