DKIM

DomainKeys Identified Mail (DKIM) is an email authentication method that helps receiving mail servers verify that an email was genuinely sent by the stated domain and has not been altered in transit.

DKIM works by adding a digital signature to outgoing emails. This signature is generated using a private key held by the sending domain.

When the email is received, the recipient's mail server retrieves the corresponding public key from the sender's Domain Name System (DNS) records and checks the signature. If the values match, the message is confirmed as authentic.

The main benefit of DKIM is message integrity. It proves that the content of an email has not been changed between sending and delivery. This helps protect against spoofing, tampering and certain phishing techniques.

DKIM alone does not guarantee inbox placement. Instead, it acts as a trust signal. Mail providers such as Google and Microsoft use DKIM alongside other signals when deciding whether an email should be delivered, filtered or rejected.

DKIM is most effective when combined with Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) as part of a complete email authentication setup. Without it, legitimate emails may appear untrustworthy and be more likely to land in spam.

Example: An email signed with DKIM allows the receiving server to verify that the message really came from the sending domain and was not modified in transit.

If email deliverability is affecting your campaigns, our Email Marketing services help ensure DKIM and other authentication methods are correctly set up and working as intended.

Share this definition