Guidance

Using DomainKeys Identified Mail (DKIM) in your organisation

Updated 15 March 2021

DomainKeys Identified Mail (DKIM) verifies an email바카라 사이트檚 domain and helps show that the email has not been tampered with in transit. The receiving email service can then filter or reject email that fails the DKIM check.

How DKIM works

DKIM uses public key encryption to check email. The sending email service generates a string of characters known as a hash using the content of each outbound email. The sending service then encrypts the hash with its private key and adds it to the email header. This is the DKIM signature.

The receiving email service looks up the public key in the sender바카라 사이트檚 DKIM DNS record then uses the public key to decrypt the DKIM signature on the email. It also generates a hash of the email in the same way the sending email service did.

If the hash matches the decrypted DKIM signature then the email passes the DKIM check. This means the email came from where it says it came from and has not changed in transit.

Most email services will automatically check DKIM on inbound email, but you should check to make sure it바카라 사이트檚 enabled.

You need a separate DKIM key and DNS entry for each service you send email from. In addition to your own mail servers, you might also need to consider third-party applications and services that send mail on your behalf.

Further email security guidance

All public sector organisations must follow guidance on how to set up email services securely.

has more information on DKIM. You can also and a more detailed on DKIM.