Est. reading time: 3 minutes

Email Security: Understanding DomainKeys Identified Mail (DKIM)

Email phishing campaigns and Spamming have become so common today. Indeed, global traffic estimates suggest that as many as 73% of emails you may receive daily are just unwanted promotions for products and services. To put it into perspective, at least seven in every 10 emails you are likely to receive are promotions. With increased email security and new spam filters, these mails are sent directly to spam and may automatically be deleted after some time. However, others still find their way into our inbox. These are, for example, email messages impersonating our banks, family and friends, learning institutions, or companies we work for. We more often find ourselves, out of curiosity, opening the messages to find out what they are about. This opens the door for viruses and potential data breaches.

It is the need to reduce spamming and email spoofing and improve email security that led to the development of the DomainKeys Identified Mail (DKIM). DKIM is an email authentification technique designed to detect forged or imitated sender addresses in emails.

DKIM works by adding a digital signature to the headers of emails. The signature can then be validated against a public cryptographic key that is located in the organization’s DNS record. This allows the receiver to check the email and verify whether it was verified to originate from the owner of the domain. The technique assigns a digital signature to each outgoing message. If the senders public key is published in the DNS, the recipient system verifies the message before it can be opened. With the digital signature, the recipient is also able to verify that the email contents, including attachments, have not been tampered.

Inbound mail servers use DKIM to detect and decrypt the digital signature in the message and compare it with a fresh version. If the values are identical, the message is flagged as authentic.

The onset of spam filters has seen spammers become even more conniving and smart. Spoofing has been on the rise in the recent past. Without adequate email security and monitoring, individuals can forge your domain and use it to scam your clients, or, worse still, use reputable organizations’ domains to scam you. With DKIM, the threat becomes less prevalent. But how do you set up DKIM for purposes of addressing spam, phishing, and spoofing? Here is how to go about it.

1.Log into your cPanel account.
2.Scroll down to Email and click on Authentication or Email Deliverability
On the Email Authentication page, you’ll see two different methods: DKIM and SPF. …
Once you enable DKIM, you’ll see a field that shows your current raw DKIM record.
On Email Deliverability
-Click on the manage to open the manage domain interface. It should list the domain name, DKIM and SPF records.

  • On every record, it should show Valid. If there’s a problem you can click Modify the Domain’s Zone Files on your right to edit the DKIM and SPF records

NB: We recommend that you contact if you’re not sure about the changes you would like to make. Making wrong changes to the zone records can have serious implications on your emails and their deliverability.

At Sasahost, DKIM and SPF records are usually automatically set, unless a client alters them. Remember, good practices in mail handling are very important. Report any errors to our support team for assistance.


DMARC Explained: How it Works

Sender Policy Framework: Here Is All You Need To Know

The Author

Janet M.

Janet is a digital media specialist with 4+ years of experience in technical writing for the web hosting industry. She is also passionate about creative writing and storytelling. She combines her technical knowledge with her creativity to produce engaging content that informs and captivates readers across various platforms.

More posts from Janet

Related posts