DomainKeys Identified Mail (DKIM) allows senders to associate a domain name with an email message, thus vouching for its authenticity. It does this by affixing a digital signature, linked to a domain name, to each outgoing email message. The recipient system can then verify this by looking up the sender's public key published in the DNS. None of the other options, such as Secure Socket Layer (SSL), Post Office Protocol 3 (POP3), or Sender Policy Framework (SPF), provide a cryptographic signature for email message verification. SSL is a security technology for establishing an encrypted link between a server and a client, POP3 is a protocol for receiving email, and SPF is used to validate that an email has been sent from an authorized server but does not involve signing emails with a digital signature.