glossary.categories.securityAcronyme

DKIM

DomainKeys Identified Mail

An email authentication method that uses cryptographic signatures to verify message integrity.

Définition

DomainKeys Identified Mail (DKIM) is an email authentication method that uses public-key cryptography to verify that an email message was sent by an authorized sender and hasn't been modified in transit. The sending server signs the message with a private key, and the receiving server verifies the signature using a public key published in DNS.

Exemples

DKIM DNS Record

A DKIM public key published in DNS.

; DKIM DNS Record (TXT)
selector._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC..."

; Header in signed email:
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=selector;
  c=relaxed/relaxed; q=dns/txt; h=from:to:subject:date;
  bh=2jUSOH9NhtVGCQWNr9BrIAPreKQjO6Sn7XIkfJVOzv8=;
  b=AuUoFEfDxTDkHlLXSZEpZj79LICEps6eda7W3deTVFOk4yAUoqOB...

Cas d'usage

Email message integrity verification

Preventing email tampering in transit

Part of DMARC authentication

Brand protection

Bonnes pratiques

Use 2048-bit RSA keys minimum
Rotate DKIM keys periodically
Sign important headers (From, To, Subject, Date)
Test DKIM configuration after setup
Monitor DKIM failures in DMARC reports

FAQ

Termes associés

DMARC

An email authentication protocol that protects against phishing and spoofing.

DKIM is part of DMARC authentication

SPF

An email authentication method that specifies which servers can send email for a domain.

Complementary email authentication

Mettez vos connaissances sur DKIM en pratique

Commencez à surveiller votre infrastructure avec WizStatus.

Commencer gratuitement Parcourir plus de termes

Aucune carte de crédit requise • 20 monitors gratuits pour toujours