This article will help you better understand DKIM, how it works, and what you need to configure after migrating to our latest email hosting platform.
Jump to sections in this article:
What is DKIM
DKIM or DomainKeys Identified Mail is an email authentication standard that helps detect if messages are changed in transit between sending and receiving mail servers.
DKIM uses a public key to guarantee both the sender and recipient that all outgoing and incoming emails are untampered and unmodified.
When the DKIM authentication is enabled, it will create a private key on the emails before it gets delivered to its destination. This private key is the digital signature attached to both the email contents and header of your message.
When it reaches your recipient, the destination server will ask for the public key so it could verify whether the signature/private key is correct. The public key is always published in the sender’s DNS so that destination servers can retrieve this information when needed. Once the signature is verified with the public key of the recipient server, the message will successfully go through the recipient’s mailbox and will consider the email authentic.
What is a DKIM record
A DKIM record is a specialised DNS TXT record that stores the public key which the receiving mail server will use to verify an email message’s authenticity.
DKIM record is formatted through a name, version, key type, and the public key itself.
All domains with emails that are hosted with Crazy Domains have their unique DKIM. You just need to ensure that the authentication is enabled via your Hosting Manager for DKIM to work.
Refer to the following screenshot to see what DKIM record looks like on your hosting manager page:
Why is DKIM important
Having emails that are signed with DKIM appears to be more legitimate to your recipients than those that aren’t. Moreover, emails signed with DKIM are less likely to go to Junk or Spam folders.
Spoofing emails from trusted domains is a common technique by social engineers on the web for malicious spam and phishing campaigns. With DKIM, it makes it harder for them to spoof emails from domains that use it.
Another additional advantage of DKIM is it improves deliverability and builds a reputation for your domain over time. As you send an email and improve delivery use (low spam, bounces, and high engagement) you’re helping your domain to develop a good sending reputation with ISPs and thus improve overall email deliverability.
Now that we have defined why DKIM is important, let’s understand how DKIM protects your domain’s email.
How does DKIM record work
There are two actions DKIM uses to verify your emails.
First action takes place on the server sending DKIM digital signature emails. The second action happens on the server receiving and verifying DKIM signatures on incoming email messages. The process is made possible by private/public key pair.
Usually, your private key is kept secret and safe in your Hosting Manager. On the other hand, the public key is added to your DNS records (TXT) for your domain to relay it online to help verify your messages.
Once the recipient server verifies that an email is signed with a valid DKIM signature, it is then certain that parts of the email are secured and haven’t been altered by any malicious attacks online.
The DKIM signatures are not visible to end-users. The validation is done on a server level.
Now, let’s move on to adding DKIM record on your account.
What to configure on DKIM record after migration
If your domain and email are hosted with us, then no required action is needed from your end. You’re all set.
However, if your domain is hosted with a different provider, you need to update your public key in the TXT record and ensure your email works properly.
You can read and follow the steps in this guide to configure your DKIM record on your Hosting Manager.
If you have questions related to DKIM, please don’t hesitate to contact us.
Fantastic...Thank you for your feedback =)