DKIM adds a cryptographic signature to selected headers and the entire message body, which includes any MIME attachments. When the recipient's server retrieves the sender's public key from DNS and verifies the signature, it can confirm that the signed portions of the message-including attachments-have not been altered in transit. DKIM does not encrypt email content, block senders by IP address, or impose domain-wide handling rules for failed checks; those capabilities are provided by TLS, SPF, and DMARC, respectively.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does DKIM stand for and how does it work?
Open an interactive chat with Bash
What are SPF and DMARC and how do they work with DKIM?
Open an interactive chat with Bash
What is the importance of DNS in DKIM authentication?