DKIM: Difference between revisions
Content deleted Content added
mNo edit summary |
|||
| Line 14: | Line 14: | ||
Also see [[SPF Record]] |
Also see [[SPF Record]] |
||
DKIM is one of many methods which tries to protect email senders and recipients from spoofing/spam. |
DKIM is one of many methods which tries to protect email senders and recipients from spoofing/spam. |
||
| ⚫ | |||
A domain owner can add DNS records which will publish a public key in a specially formatted |
|||
| ⚫ | |||
will sign messages and add this signature to the headers of the email. |
|||
Other mail servers which receive the email can then inspect the DNS record and the headers to check if it all matches up. |
Other mail servers which receive the email can then inspect the DNS record and the headers to check if it all matches up. |
||
If it does match up, then that means that the email has been sent through a server that is controlled by the domain owner. |
|||
This gives some level of confidence that the email was actually sent by the owner of the domain and not spoofed. |
|||
Optionally, further DNS records (DMARC) can be added which declare to these other email servers what should be done with messages that fail the DKIM test - eg, do noting, block or quarantine. |
Optionally, further DNS records (DMARC) can be added which declare to these other email servers what should be done with messages that fail the DKIM test - eg, do noting, block or quarantine. |
||