Select your language

Would you like to know what DKIM is and how it works? This article provides the answer to these and other frequently asked questions on DKIM.

What is DKIM?

DKIM stands for “DomainKeys Identified Mail” and is an e-mail authentication method. Put simply, this method adds a digital signature to e-mails. The recipient’s server can verify this signature with a public key stored in the DNS zone of the sender domain. As a result, the recipient can be sure that the e-mail content is unchanged and that the e-mail originates from an authorized sender. DKIM, along with SPF and DMARC, is an advanced protective measure designed to combat phishing and identity theft.

How does DKIM work?

DKIM is based on an asymmetric encryption method. This means that different keys are used for the creation and validation of the signature – namely a private and a public key. The private key is secret and known only to the mail server of the sender domain. The public key, however, can be accessed in the DKIM record in the DNS zone of the sender domain.

If DKIM is enabled for a domain and an e-mail is sent with this domain, the following process runs in the background:

  1. Sender: The sender’s mail server uses the e-mail content and other parameters to compute a checksum, also known as a hash value. A digital signature is created from this hash value and the private key and added to the e-mail as a header.

  2. Transfer: The e-mail is transferred to the recipient.

  3. Recipient: The recipient’s mail server also computes a hash value from the e-mail content. The mail server then accesses the DNS zone of the sender domain and obtains the public key from the DKIM record. The server uses this public key to check the hash value in the digital signature. Finally, the server compares the hash value it has computed with the hash value from the digital signature.

    If both values match, this confirms that the e-mail content is unchanged and that the e-mail comes from an authorized sender.

What advantages does DKIM offer?

The use of DKIM enhances e-mail security as the recipient can be sure that nobody has tampered with the e-mail’s content, and that the e-mail is highly unlikely to come from a forged sender. From the sender’s viewpoint, they can minimize the risk of phishing attacks being carried out in their name. The correct configuration of DKIM also reduces the probability of e-mails unintentionally ending up in the recipient’s spam folder. Overall, DKIM therefore helps increase the security and authenticity of e-mails. Some providers (e.g. Google, Yahoo) already require the use of DKIM when sending emails in bulk.

How is a DKIM record structured?

A DKIM record has the following structure:

20240131-rsa1024-9160ac53._domainkey.ihre-eigene-domain.ch 300 IN TXT "v=DKIM1; k=rsa; h=sha256; p=MIGf.....DAQAB"

ElementExampleExplanation
Name

20240131-rsa1024-9160ac53._domainkey.ihre-eigene-domain.ch

The name matches the following pattern at Hostpoint:

[selector]._domainkey.[domain]

  • selector = Unique value that makes the DKIM record identifiable. At Hostpoint, this consists of the date, the key type, and a random combination of letters and numbers
  • ._domainkey. = Fixed part of DKIM records
  • domain = Your domain name
TTL300Time to live (indicates the number of seconds during which the entry is valid)
ClassINInternet
TypeTXTDKIM information is stored in a text record.
Value"v=DKIM1; k=rsa; h=sha256; p=MIGf.....DAQAB"
  • v = Version of the DKIM standard
  • k = Encryption method (“rsa” or “ed25519”)
  • h = Hash algorithm (always “sha256”)
  • p = Public key
Please use this form only to provide feedback on the above guide.
For support requests please use this form instead.

 

 

© 2001 - Hostpoint AG
Cookie

Wir verwenden Cookies  🍪

We use Cookies  🍪

Nous utilisons des cookies  🍪

Utilizziamo dei cookie  🍪

Die digitalen Auftritte von Hostpoint (Website, Control Panel, Support Center etc.) verwenden Cookies. Diese werden dazu verwendet, um Daten über Besucherinteraktionen zu sammeln. Wenn Sie auf «Akzeptieren» klicken, stimmen Sie der Verwendung dieser Cookies für Werbezwecke, Website-Analyse und Support zu. Gewisse essenzielle Cookies sind jedoch für eine ordnungsgemässe Funktion dieser Seiten unerlässlich und können deshalb nicht deaktiviert werden. Auch ohne Ihre Zustimmung können gewisse Daten in anonymisierter Form für statistische Zwecke und zur Verbesserung unserer Websites verwendet werden. Bitte beachten Sie unsere Datenschutzerklärung.

Hostpoint's digital presences (website, Control Panel, Support Center, etc.) use cookies. These are used to collect data on visitor interactions. If you click “Accept”, you agree to the use of these cookies for advertising purposes, website analysis and support. However, certain cookies are essential for the proper functioning of these pages and therefore cannot be disabled. Even without your consent, certain data may be used in anonymized form for statistical purposes and to improve our websites. Please note our Privacy policy.

Le sites Web de Hostpoint (site Web, Control Panel, Centre d'assistance, etc.) utilisent des cookies. Ces cookies servent à collecter des données sur les interactions des visiteurs. En cliquant sur «Accepter», vous consentez à l’utilisation de ces cookies à des fins de publicité, d’analyse du site Web et d’assistance. Certains cookies essentiels sont cependant indispensables au bon fonctionnement de notre sites Web et ne peuvent donc pas être désactivés. Même sans votre consentement, certaines données peuvent être utilisées sous forme anonymisée à des fins statistiques et pour améliorer notre sites Web. Veuillez prendre connaissance de notre Déclaration de protection des données.

Le presenze digitali di Hostpoint (sito web, Pannello di controllo, Support Center, ecc.) utilizzano i cookie. Questi vengono utilizzati per raccogliere dati sulle interazioni dei visitatori. Facendo clic su «Accetta», acconsente all’utilizzo di questi cookie per scopi pubblicitari, di analisi del sito web e di supporto. Alcuni cookie essenziali sono tuttavia indispensabili per il corretto funzionamento di questi siti web e pertanto non possono essere disattivati. Anche senza il Suo consenso, determinati dati potrebbero essere utilizzati in forma anonima per fini statistici e per l’ottimizzazione dei nostri siti web. Si prega di tenere conto della nostra Dichiarazione per la pivacy.

Ablehnen
Decline
Refuser
Rifiuta
Akzeptieren
Accept
Accepter
Accetta