We’ve all been warned about opening email from someone we don’t know. We’ve all heard the dire outcomes of how reputable companies have been impersonated in an email that has ended up doing serious financial harm to individuals or the companies where they work. The result of this email minefield has been tighter restrictions regarding which organizations or individuals can send you an email and may even dictate whether you, or your customers, receive it!
With this in mind there are a few key things you can do to ensure that your email marketing communications have the best chance to reach your intended audience. One of those things is to setup a DomainKeys Identified Email, or DKIM for short. In this post we’re going to discuss how that’s done and what it means for you and your audience.
DomainKeys Identified Mail, or DKIM, is a technical standard that helps to protect email senders and recipients from spam, spoofing and phishing. It’s a form of email authentication which allows an organization to digitally claim “responsibility” for a message in a way that can be validated by email servers and company virus protection systems.
DKIM works by adding a digital signature to the headers of the emails that you send. These signatures are actively validated against public cryptographic keys within an organizations Domain Name System (DNS0 records). A breakdown of the process works like this:
When a mail message is sent by an outbound mail server, the server generates and attaches a unique DKIM signature header to the message. This header includes two cryptographic hashes, one of specified headers, and one of the message body (or part of it). The header contains information about how the signature was generated.
When an inbound mail server receives an incoming email, it looks up the sender’s public DKIM key in DNS. The inbound server uses this key to decrypt the signature and compare it against a freshly computed version. If the two values match, the message can be proved to authentic and unaltered in transit.
If you are a business sending commercial or transactional email, you definitely need to implement one or more forms of email authentication to verify that an email is actually from you or your business. Always remember that properly configuring email authentication standards is one of the most important steps you can take to improve your message deliverability!
This post is courtesy of MMC Project Manager Ken Brown