Skip to content
Log in

DKIM (DomainKeys Identified Mail)

Definition

A cryptographic signing mechanism: the sending server signs the message headers and body with a private key, and the receiving server verifies the signature using the public key published in DNS. A valid DKIM signature proves the message was not altered in transit and was signed by the claimed domain.

Related terms

DMARC (Domain-based Message Authentication, Reporting, and Conformance)
A policy layer that requires the domain in the visible From header to align with a domain that passes SPF or DKIM....
Envelope sender (Return-Path)
The address used at the SMTP protocol level for bounce notifications, recorded in the Return-Path header. It is distinct from the display...
Message-ID
A globally unique identifier assigned to each message by the originating mail server, recorded in the Message-ID header. It is set by...
Received header
A header line prepended by each mail server that accepts a message in transit, recording the server's own identity, the IP or...
SPF (Sender Policy Framework)
A DNS-based mechanism by which a domain owner publishes the list of IP addresses authorised to send mail for that domain. A...

Explained in

  • Email Header Analysis and Sender TracingA cryptographic signing mechanism: the sending server signs the message headers and body with a private key, and the receiving server verifies the signature us...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account