How DKIM Is Used for Email

Description of DKIM

DKIM (DomainKeys Identified Mail) is an authentication technique for email that includes cryptographic keys to verify an email hasn't been modified between the sending and receiving servers. It is a security method that is quickly gaining momentum as an additional tool to protect against phishing and spoofing attacks.

DKIM authentication requires a public key and a private key, that applies a DKIM signature to each outbound email from the domain's sending server(s). The public key is stored in the DNS records of the sending domain's nameserver to validate an email that is signed with the private key.

The DKIM signature is inserted into the email header by the sending email server. This combination of public and private key verification allows the recipient of the email to determine if the email has been altered or did not originate from the intended sender.

Email Flow With DKIM:


Can I Implement DKIM At Mailprotector's Relay?

DKIM signing at Mailprotector's relay is not possible at this time. The product development team does have DKIM signing identified as a future feature to build.

However, DKIM signing is typically implemented at the sending server.

Configuration of DKIM signing requires actions at your email provider and your DNS provider. Once set up, please ensure there aren't any Message Rules configured in Mailprotector that could edit the outgoing email's subject or body content. 

To configure DKIM with some of the most popular email solutions, you can follow the guides at:

Have more questions? Submit a request