What Is DKIM and why you should be asking for it

Domain Keys Identified Mail (DKIM) is one part of a four-step email authentication process that allows a receiver to make sure that an email is legitimate, authorised and unaltered. DKIM, when combined with TLS, SPF, and DMARC becomes the best practice to help you secure your email domain and prevent it from being spoofed, used for phishing or usurped for the delivery of malware. Let’s discuss DKIM in more detail and find out why it might be an important part of your email authentication system.

How does DKIM work?

DKIM uses public-key cryptography that allows it to verify if an email has been altered in any way while in transit from an authorised server, which ultimately detects email fraud.  DKIM does this by applying a digital signature to the email header which is secured with encryption. That signature will then be matched to the public key in the company’s Domain Name System (DNS) records. If these items are matched, then the message will be validated, and the transfer of the email will pass through. DKIM lets your transactional email provider take responsibility for messages in transit, providing the recipient with a method for validating the message received against your domain name identity.

Cumulo9’s C9 Signature can help get you started with DKIM, giving you an extra layer of security.

DKIM and DMARC

DMARC is built on top of DKIM and SPF (Sender Policy Framework). Once you have SPF and DKIM in place, it is possible to implement Domain-based Message Authentication, Reporting, and Conformance (DMARC) as the top-most level of authentication for your domain’s emails. When working together you will have achieved optimal email security. DMARC is the final set up after DKIM and works most effectively if you already have both DKIM and SPF in place, aligned and enforced.

DMARC allows recipient domains to report on actions taken on emails coming from a domain, based on the domain owner's published email authentication processes and the stated actions to be taken on an email that fails authentication checks.

How does DMARC work?

The DMARC process works like this:

• First, the domain administrator will publish a policy defining its email authentication instructions. This DMARC policy is listed as part of the overall DNS record.
• Once the inbound server receives an email it will then use DNS to look at the DMARC policy for the domain. The inbound server will then check and evaluate the message for a validated DKIM signature, SPF validation, the originating IP address and domain alignment; and take appropriate action based on the published policy and the message's conformance.

DMARC protects against direct domain spoofing and provides a way for the recipient to report back to the sender if messages pass or fail DMARC evaluation.

Email delivery is more complex than ever before and requires constant evaluation for compliance with technologies such as SPF, DKIM, and DMARC. SPF and DKIM are easy additions to your businesses' email security and at Cumulo9, we advise you to proactively protect your system from threats.

Cumulo9 has a suite of products that can help with your cybersecurity, click here to find which of our products can work for you. Contact us today about adopting DMARC and to find out how DMARC can affect your business.