What is DKIM and why does it matter?
DKIM stands for "DomainKeys Identified Mail".
It is a protocol that authenticates emails to prevent spoofing or phishing. It acts like a digital signature, verifying that the mail really was sent by the domain it claims to come from and confirming that the content was not interfered with in transit.
It works by publishing a public key in your domain's DNS records. When someone receives an email purporting to be from you, their mail server uses this public key to check the signature carried in the email's header, confirming that the email is legitimate and unchanged.
DKIM empowers other email authentication protocols such as SPF and DMARC, helping to prevent threat actors from impersonating your organisation's email domains.
There is also the added benefit of verifying that emails were not changed in transit. Tampering of this kind is sometimes known as a "man in the middle" attack, where a threat actor controls one of the stops an email makes on its journey to the recipient and can make malicious changes. DKIM can help verify that this has not happened.
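The mechanism described above, as an added example that is not part of the original article: the sending domain signs the headers and a hash of the body, the public key is "published" under selector._domainkey.<domain> (here an in-memory stand-in for the DNS TXT record), and the receiver checks both the body hash and the signature, so a message altered in transit or not signed with the domain's key is rejected. The canonicalization is simplified rather than a full RFC 6376 implementation, and example.com, the selector s1 and the sample message are constructed.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// The sending domain's private key, and dnsStub as a stand-in for the
// selector._domainkey.<domain> TXT record a real verifier would fetch over DNS
// (both constructed for this example, so it runs offline).
var signingKey, _ = rsa.GenerateKey(rand.Reader, 2048)
var dnsStub = map[string]*rsa.PublicKey{"s1._domainkey.example.com": &signingKey.PublicKey}

// digest is what the RSA signature covers: From, Subject and the DKIM-Signature header itself with b= empty.
func digest(from, subject, hdrNoSig string) []byte {
	sum := sha256.Sum256([]byte(from + "\r\n" + subject + "\r\nDKIM-Signature: " + hdrNoSig))
	return sum[:]
}

// Sign builds the DKIM-Signature value: bh= is the body hash, b= signs the headers and bh=.
func Sign(key *rsa.PrivateKey, domain, selector, from, subject, body string) (string, error) {
	bh := sha256.Sum256([]byte(body))
	hdr := fmt.Sprintf("v=1; a=rsa-sha256; d=%s; s=%s; h=from:subject; bh=%s; b=", domain, selector, base64.StdEncoding.EncodeToString(bh[:]))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest(from, subject, hdr))
	if err != nil {
		return "", err
	}
	return hdr + base64.StdEncoding.EncodeToString(sig), nil
}

// Verify does what the receiving server does: fetch the public key named by d=/s=, recompute bh=, then check b=.
func Verify(dkimHdr, from, subject, body string) error {
	tags := map[string]string{}
	for _, t := range strings.Split(dkimHdr, ";") {
		k, v, _ := strings.Cut(strings.TrimSpace(t), "=")
		tags[k] = v
	}
	pub, ok := dnsStub[tags["s"]+"._domainkey."+tags["d"]]
	if !ok {
		return fmt.Errorf("no DKIM key published for d=%s s=%s", tags["d"], tags["s"])
	}
	bh := sha256.Sum256([]byte(body))
	if tags["bh"] != base64.StdEncoding.EncodeToString(bh[:]) {
		return fmt.Errorf("body hash mismatch: body altered in transit")
	}
	sig, err := base64.StdEncoding.DecodeString(tags["b"])
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest(from, subject, strings.TrimSuffix(dkimHdr, tags["b"])), sig) != nil {
		return fmt.Errorf("signature invalid: signed headers altered or not signed with the domain's key")
	}
	return nil
}
```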