Verification of incoming mail using a DKIM key

We have implemented verification of incoming mail using a DKIM key on Smarthost servers. This will allow you to check whether a message that has been delivered to the server is spam.
This builds on the DKIM signing that has been running on our servers for a very long time. Now, however, we also check the signatures of incoming messages from outside our servers.

What is DKIM?

It is a method that uses a key to bind an email to a domain and to verify that it was sent from the appropriate server. It also checks whether someone is impersonating an email address. You can read more about DKIM security in our entry: SPF and DKIM – spam protection

What does turning on incoming email verification involve?

Enabling DKIM validation for incoming messages affects the spam score of each incoming email. If the DKIM key is correct, the score is lowered; if the key is missing or incorrect, the score is increased, so the message may be classified as spam. Of course, all messages sent from our servers to other servers have long been signed by default with the correct DKIM key.

How to check whether a message has a DKIM key and whether it is correct?

DKIM signature validation is done on the server side when emails reach our servers. Customers do not notice DKIM validation and do not need to do anything to use this option. Those who would like to see how the check works, and whether the e-mails sent to them by contractors carry correct DKIM signatures, can do so. For the free Thunderbird mail client you can download the DKIM Verifier add-on, which clearly shows in your email program whether the DKIM key is correct.

In the DKIM Verifier add-on you can check if the DKIM signature is correct.
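
The scoring rule described above can also be reproduced from a message's headers, assuming the receiving server records its DKIM verdict in an Authentication-Results header (RFC 8601). This is an added example, not Smarthost's code: the hostname mx.example.net, the score weights and the sample messages are constructed assumptions.

```python
import email
import re
from email import policy

# Assumptions for this example: the hostname the receiving server writes as its
# authserv-id, and the score weights (the page gives no numbers).
TRUSTED_AUTHSERV_ID = "mx.example.net"
SCORE_DELTA = {"pass": -1.0, "missing": 1.0, "invalid": 1.0}

def dkim_result(raw_message: bytes) -> str:
    """Classify a message as 'pass', 'missing' or 'invalid' from trusted headers only."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    verdicts = []
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, rest = str(value).partition(";")
        parts = authserv.split()
        # A sender can add this header too, so ignore any copy not written by our server.
        if not parts or parts[0].lower() != TRUSTED_AUTHSERV_ID:
            continue
        for clause in rest.split(";"):
            m = re.match(r"\s*dkim\s*=\s*([a-z]+)", clause, re.I)
            if m:
                verdicts.append(m.group(1).lower())
    if "pass" in verdicts:          # policy chosen here: one valid signature is enough
        return "pass"
    if any(v != "none" for v in verdicts):
        return "invalid"            # fail, permerror, temperror, ... (simplified)
    return "missing"                # dkim=none, or no trusted header at all

def adjust_score(score: float, raw_message: bytes) -> float:
    """Lower the spam score for a valid signature, raise it otherwise."""
    return score + SCORE_DELTA[dkim_result(raw_message)]

def sample(auth_results):
    """Build a constructed test message with the given Authentication-Results values."""
    head = "".join(f"Authentication-Results: {v}\r\n" for v in auth_results)
    return (head + "From: alice@example.org\r\nSubject: test\r\n\r\nbody\r\n").encode()

# Constructed sample messages, not real mail.
SIGNED = sample(["mx.example.net; dkim=pass header.d=example.org"])
SPOOFED = sample(["untrusted.example; dkim=pass header.d=example.org"])
BROKEN = sample(["mx.example.net 1; dkim=fail (body hash mismatch) header.d=example.org; spf=pass"])

if __name__ == "__main__":
    for name, raw in [("signed", SIGNED), ("spoofed", SPOOFED), ("broken", BROKEN)]:
        print(name, dkim_result(raw), adjust_score(5.0, raw))
```

The SPOOFED sample carries a dkim=pass claim under a foreign authserv-id, so it is treated as missing and scored up.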

DKIM – an important step towards secure e-mail

Checking the correctness of DKIM signatures in incoming messages (like the correct DKIM signing that we use) significantly increases the quality of e-mail. If all e-mail servers used this type of security, it would be a good step towards eliminating spam e-mails, in particular e-mails that impersonate other users.

Aleksandra
