1 / 4

DKIM: DomainKeys Identified Mail

DKIM is a word you hear very commonly these days when in the context of Email security. Let's try and understand what it means, and how it is beneficial to us.

spicesend
Download Presentation

DKIM: DomainKeys Identified Mail

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DKIM: DomainKeys Identified Mail DKIM is a word you hear very commonly these days when in the context of Email security. Let's try and understand what it means, and how it is beneficial to us. DomainKeys Identified Mail a.k.a DKIM is a technical standard for email authentication wherein a digitally encrypted signature is added to the email header which is then verified by the receiving email server by using a public key fetched via DNS lookups. It's a protocol that's become essential to combating phishing and email spoofing. Together with SPF, it allows you to associate a domain with your email to validate your email message. A brief history of SPF DKIM was created in the year 2004 by the merger of two different yet similar mechanisms, "Identified Internet Mail" from Cisco and "enhanced DomainKeys" from Yahoo. This merged specification evolved into a new authentication technique that is defined by the RFC 6376. The "Identified Internet Mail" was about email authentication method based on the signature and DomainKeys was all

  2. about checking the identity of the sender using DNS and verifying the email integrity. How does DKIM work? https://commons.wikimedia.org/wiki/File:DomainKeys_Identified_Mail_(DKIM).png How this works is that sending party adds a unique DKIM signature header to the email ( example for such a header can be seen below). Such a header includes two important cryptographic hashes, assigned to tags ( the header uses a notation like tag=value delimited by semicolons ) like "b" and "bh". DKIM-Signature: v=1; a=rsa-sha256; d=mydomain.com; s=s2; c=relaxed/relaxed; i=ian@mydomain.com; t=1579522642; h=subject:from:reply-to:to:date:message-id:list-unsubscribe:content-type: mime-version; bh=R39S4ybFvxWVEnU5LL/Gid3+5s/mxVQNMfzh2CjrCME=; b=nDfDnXmMpjMmp9bOnehWsVkzr/j9W6MEerRgBHXXXcS4ArYorzRGc8PLB/M7W/PpoqkPGqCUvIC yCFDar/plrW7AKyN8egpF3I8PJP3US/9DAr50w3AyH14Cm8+ryb01l97JD45QMaIyJhPdfAFpvlMD S8XX3fZbQtu5sHMK93QjHTlAP6+A80EiK09jZNN3gLJAobC1tmJxJSYUy7Xu98FRF0a+9Rut9pSC/ fV0eTyiPDu0ar4cNgPg3kquxthRh6mHMdaz8sGyaaz0QQxlq2Rv1QNCcFajLKF4P/9w3xX5f1LOWL MRHX1JMUZXYRY+5BX1QCra0QEZZvvlSf0TOg== Understanding DKIM Tags The mandatory DKIM tags that need to be present in your email header for it to be signed correctly are listed below: 1.v: This indicates the version of the signature.

  3. 2.a: This indicates the algorithm that was used to generate the signature. 3.s: This indicates the selector record name used with the domain to locate the public key in DNS. 4.h: This is a list of headers that will be used in the signing algorithm to create the hash found in the b= tag. The order specified in the value is important for the generation of the hash. 5.b: This is the hash result of the headers listed in the h= tag. This hash is the DKIM signature and is encoded in Base64. 6.bh: This is the computed hash of the message body. The value is of this is evaluated by the hash algorithm. 7.d: This is the sending domain. When the receiving email server sees this email, the first thing it does is to look up the public key of the sending domain and use that to decrypt both the hashes above this is then compared to fresh hashes created against the received mail content. if the two values match then it passes the DKIM test and proves that the mail has been not been modified from the original source. How can we test DKIM records? There are a few online tools wherein you can test your DKIM records, but, before we do that we need to to understand what is being fetched here. In the example given above, "mydomain.com" needs to have a subdomain of the form "s2._domainkey" which stores the value of the DKIM key directly as a "TXT" record or indirectly as "CNAME". 1.Mxtoolbox: https://mxtoolbox.com/dkim.aspx 2.Dmarcian: https://dmarcian.com/dkim-inspector/ 3.Mail tester: https://www.mail-tester.com/spf-dkim-check 4.Dmarcanalyzer: https://www.dmarcanalyzer.com/dkim/dkim-check/

  4. Conclusion We have seen how DKIM plays a vital role in Email authentication. It provides the incoming email server with a mechanism to check if the original message was altered. Need an email marketing tool with great email deliverability? Try SpiceSend today - forever free, for up to 5000 emails per month!

More Related