12,264
edits
DKIM: Difference between revisions
m
→What is DKIM?
mNo edit summary |
m (→What is DKIM?) |
||
|
Also see [[SPF Record]]
DKIM is one of many methods which tries to protect email senders and recipients from spoofing/spam.
TXT record. The email server they use for sending email (eg smtp.aa.net.uk) holds the private key and will sign messages and add this signature to the headers of the email.▼
A domain owner can add DNS records which will publish a public key in a specially formatted
▲TXT record. The email server they use for sending email (eg smtp.aa.net.uk) holds the matching private key,
will sign messages and add this signature to the headers of the email.
Other mail servers which receive the email can then inspect the DNS record and the headers to check if it all matches up.
If it does match up, then that means that the email has been sent through a server that is controlled by the domain owner.
This gives some level of confidence that the email was actually sent by the owner of the domain and not spoofed.
Optionally, further DNS records (DMARC) can be added which declare to these other email servers what should be done with messages that fail the DKIM test - eg, do noting, block or quarantine.
| |||