Definition of DKIM

DomainKeys Identified Mail or DKIM is a standard can help prevent spoofing by adding a digital signature to the header of outgoing messages. This includes using the private domain key to encrypt the outgoing email headers from your domain and adding the public version of the key to the domain's DNS records.

The receiving server can then retrieve the public key to decrypt the headers and verify that the message really comes from your domain and was not altered during the delivery process. G Suite digital signatures meet the DomainKeys Identified Mail (DKIM) standard.

How DKIM works

To add a digital signature to outgoing email, you generate a domain key that G Suite uses to generate a signed email header, which is unique to the domain. You add the public key to the Domain Name System (DNS) record for the domain. The recipient can then verify the source of the email message by taking the public key and using it to confirm your signature.

For even stronger security, you can now generate a 2048 bit domain key instead of a 1024 bit domain key. We recommend creating a stronger 2048 bit key if the registrar supports longer key lengths. If you have a previously generated 1024 bit domain key, it will not be affected by this change.

Application examples

Name TTL Type Record
default._domainkey.we-are-programmers.xyz. 14400 TXT

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUowh

9+ecXNqJ6LeklcMfNcIHOOJK/tDcpNvI2Hx5eOnvx3iwSMnzTenu6/Iyd5XrrJIVyVf+YDo

qjpqyARgf8HBInD0nzE6jvXYBkzo6+ZToSLtE2VZWRtKBQrzq0hXA4Y6rU5IEq2XwPz4/

bl+VBIOP/ExejQpOrQpXoHDUMFyuTUoyaEVmB8nn70lr56R0

     

AbD14L218jEDB0jyrptOed96EF8mrwMQMNcV+pZPGG/WRvMYWxNbIMXoTKoV2N

iSULPhVA+2bh4v5Cpnfr+UUFbbsvh2UerGy12QFuNth21uxM+M6gygHYoXZ1bzxl6

Zl/NTL3tNwagL4H8m4eK2wIDAQAB;

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)