A DKIM record (DomainKeys Identified Mail) is added to the server as a requirement to protect the email integrity of the message as it gets received and delivered by external servers.

Every email account must have a DKIM record.

How the DKIM Record Works

DKIM authentication uses asymmetric encryption to verify emails. Here’s a simplified breakdown of how DKIM works.

1. Signing the email: Your mail server generates a DKIM signature using a private key and appends it to the email header whenever you send an email.
2. Verification by the recipient’s server: To verify the DKIM record, the recipient’s mail server obtains the public key from the sender’s DNS.
3. Comparing the signature: The recipient’s server utilizes the public key to check if the DKIM signature matches the email. If it does, the email is regarded as authentic.