Email has long been a primary mode of communication, and we depend on it for both personal and business use. However, email security has become a significant concern with increasing cyber threats. As a result, using DKIM has become increasingly important in securing email messages.
What is DKIM?
DKIM, or DomainKeys Identified Mail, is an email authentication method designed to detect email spoofing, phishing, and other attacks. It is a protocol that allows the receiving email server to verify that an email message is authentic and has not been tampered with. It works by adding a cryptographic signature to the email message’s header.
How DKIM works
When an email message is sent, the DKIM signature is generated by the sender’s mail transfer agent (MTA), the email server responsible for sending email messages. The signature is based on the message content and a private key associated with the sender’s domain name. It is then added to the header of the email message.
The receiving email server can then use the public key published in the sender’s DNS records to verify the authenticity of the DKIM signature. If the signature is valid, it indicates that the email message was sent by an authorised sender and has not been tampered with. The email can then be delivered to the recipient’s inbox.
DKIM records
DKIM records are a critical component of the DKIM protocol. A DKIM record is a DNS record that contains information about the sender’s domain name, the cryptographic algorithm used to create the signature, and the public key used to verify the signature. The DKIM record is published in the sender’s DNS zone file.
DKIM records are essential because they help to ensure that email messages are delivered to the intended recipients and are not blocked or marked as spam by email filters. By using DKIM, senders can increase the trustworthiness of their email messages, protect their brand reputation, and improve the deliverability of their email campaigns.
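As an added example (not part of the original article), the Python below parses a DKIM record of the kind described above and reports common problems: an empty public key, the testing flag, and a short RSA key. The sample record is constructed around a filler modulus rather than a real key, and the function names and the 2048-bit minimum are assumptions of this example.

```python
import base64

def parse_dkim_record(txt):
    """Split a DKIM key record (a ';'-separated tag=value list) into a dict."""
    pairs = (part.partition("=") for part in txt.split(";"))
    # "".join(v.split()) drops folding whitespace inside base64 values
    return {n.strip(): "".join(v.split()) for n, sep, v in pairs if sep}

def _tlv(buf, i):
    """Read the DER header at offset i; return (value_start, value_end)."""
    length, i = buf[i + 1], i + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, i = int.from_bytes(buf[i:i + n], "big"), i + n
    return i, i + length

def rsa_modulus_bits(spki):
    """Bit length of the RSA modulus in a DER SubjectPublicKeyInfo."""
    start, _ = _tlv(spki, 0)                    # outer SEQUENCE
    _, alg_end = _tlv(spki, start)              # AlgorithmIdentifier
    bits_start, _ = _tlv(spki, alg_end)         # BIT STRING
    seq_start, _ = _tlv(spki, bits_start + 1)   # RSAPublicKey, after unused-bits byte
    n_start, n_end = _tlv(spki, seq_start)      # INTEGER modulus
    return int.from_bytes(spki[n_start:n_end], "big").bit_length()

def audit_dkim_record(txt, min_rsa_bits=2048):  # threshold is an assumption
    """Return a list of findings for one DKIM key record."""
    tags, findings = parse_dkim_record(txt), []
    if tags.get("v", "DKIM1") != "DKIM1":
        findings.append("unsupported version")
    if "y" in tags.get("t", "").split(":"):
        findings.append("testing mode (t=y)")
    if not tags.get("p"):
        findings.append("key revoked or missing (empty p=)")
    elif tags.get("k", "rsa") == "rsa":
        try:
            bits = rsa_modulus_bits(base64.b64decode(tags["p"], validate=True))
            if bits < min_rsa_bits:
                findings.append(f"weak RSA key ({bits} bits)")
        except (ValueError, IndexError):  # bad base64 or truncated DER
            findings.append("p= is not a parsable RSA public key")
    return findings

# Constructed sample: SPKI-shaped DER around a filler 1024-bit modulus, not a real key.
SAMPLE_SPKI = bytes.fromhex("30819f300d06092a864886f70d010101050003818d0030818902818100"
                            + "c3" * 128 + "0203010001")
SAMPLE_RECORD = "v=DKIM1; k=rsa; t=y; p=" + base64.b64encode(SAMPLE_SPKI).decode()

if __name__ == "__main__":
    print(audit_dkim_record(SAMPLE_RECORD))
```

In practice the record text would come from a TXT lookup at the selector’s name under `_domainkey` in the sender’s domain; the lookup itself is left out here so the example runs offline.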
Other email authentication methods
In addition to DKIM, other email authentication methods exist, such as SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting, and Conformance). SPF is a mechanism that allows the receiving email server to verify that an email message is sent from an authorised IP address. DMARC is a protocol that builds on SPF and DKIM to provide an additional layer of authentication and reporting.
Actions you can take next
- Know what laws regulate email by getting an Email Compliance Guide, attending training on email law or reading insights on this website.
- Regulate how employees use email in your organisation by implementing an Email Use Policy and Code of Behaviour (containing guidelines around acceptable use).
- Manage the risks associated with email by reviewing your current email disclaimer or implementing a good message disclaimer.
- Ensure you lawfully monitor email by implementing a policy for users and technical staff and getting employees’ consent to monitor their email.
- Retain and archive email following the law by determining your strategy, creating an email retention schedule, and setting an email archiving policy.
- Comply with all laws and codes while email marketing by getting a legal checklist for email marketing.
- Comply with your data protection obligations with regard to email.