DomainKeys Identified Mail (DKIM) Service Overview
DomainKeys Identified Mail (DKIM) allows an organization to take responsibility for a message, in a way that can be validated by a recipient. The organization can be the author's, the originating sending site, an intermediary, or one of their agent's. DKIM defines a domain-level digital signature authentication framework for email, using public-key cryptography and key server technology. This permits verifying the signer of a message, as well as the integrity of its contents. DKIM accomplishes this by defining a domain-level authentication framework for email using public-key cryptography and key server technology [RFC4871]. This permits verifying a message source, an intermediary, or one of their agents, as well as the integrity of its contents. DKIM will also provide a mechanism that permits potential email signers to publish information about their email signing practices; this will permit email receivers to make additional assessments of unsigned messages. Such protection of email identity can assist in the global control of "spam" and "phishing". This document provides an overview of the DKIM service and describes how it can fit into a messaging service. It also describes how DKIM relates to other IETF message signature technologies. It is intended for those who are adopting, developing, or deploying DKIM.