DKIM has many parts, but here's a simple overview:
- You add encrypted signatures to parts of your emails
- You provide a key in your public DNS record to decrypt these secure portions
- When you send an email, the recipient's email service checks this encryption process
- If the public key unlocks the encrypted signature, the email is considered more legitimate
Much like SPF, DKIM is an authentication framework that tells the world that it is really you sending a given email message. In email technology, faking (or "spoofing") an email address that you do not own is relatively easy, so email providers are very cautious when verifying the sender of a message. Without DKIM, your messages will automatically be flagged as suspicious and may not be delivered to your recipients.
To set up DKIM, please see Required Technical Setup.