DKIM

DomainKeys Identified Mail (DKIM) adds a cryptographic signature to outgoing email headers, allowing receiving servers to verify that the email was sent by an authorized sender and has not been altered in transit. The signature is validated against a public key published in the sender's DNS records. DKIM works alongside SPF and DMARC to form a complete email authentication stack. Without DKIM, emails can be tampered with in transit without detection.

Why it matters for your website

• 1Prevents your domain from being used in phishing and spoofing attacks
• 2Required for email deliverability to Gmail, Yahoo, and major providers
• 3Missing records are flagged as high-severity findings in security audits