DKIM (DomainKeys Identified Mail) is an email authentication protocol that uses public key cryptography to verify that an email message was sent by an authorized sender and that the message was not altered in transit.
When a sender uses DKIM to sign an email message, they include a digital signature in the message header that is based on a private key that only the sender knows. The recipient’s email server can then use the public key, which is published in the sender’s DNS records, to verify that the signature is valid and that the message has not been tampered with.
DKIM helps prevent email spoofing and phishing attacks by making it harder for attackers to forge the “From” address in an email message. It also provides a way for email recipients to identify legitimate email messages from trusted senders, which can help improve email deliverability.
Like SPF, DKIM is one of several email authentication protocols that are designed to improve email security and reduce email fraud. DKIM can be used in conjunction with SPF and DMARC to provide a comprehensive email authentication solution.