Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Differences between DomainKeys vs DKIM?

Please explain about differences between DomainKeys vs DKIM

like image 445
Ramesh Avatar asked Apr 07 '11 11:04

Ramesh


People also ask

What does DomainKeys Identified Mail DKIM ensure?

DomainKeys Identified Mail, or DKIM, is a technical standard that helps protect email senders and recipients from spam, spoofing, and phishing. It is a form of email authentication that allows an organization to claim responsibility for a message in a way that can be validated by the recipient.

What is the difference between SPF DKIM and dmarc?

The two primary authentication protocols that help validate that an email message comes from who it claims to come from are SPF and DKIM. Layered on top of SPF and DKIM is DMARC. DMARC uses SPF and DKIM and provides a set of instructions to receiving email servers with what to do if they receive unauthenticated mail.

What is the purpose of DKIM?

DKIM (DomainKeys Identified Mail) is a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify. DKIM record verification is made possible through cryptographic authentication.

Is DKIM for inbound or outbound?

DKIM (Domain Keys Identified Mail) adds a cryptographic hash or signature as a new header to outbound messages. This ensures outbound messages haven't been altered after leaving the sending organization's mail server, by matching the hash or signature to the DNSrecords.


1 Answers

DomainKeys Identified Mail (DKIM) is the successor to Yahoo DomainKeys. Being very similar in functionality to DomainKeys, DKIM has additionally adopted aspects from Cisco’s Identified Internet Mail standard (IIM), and the result has been an enhanced standard that provides more flexibility and security than its predecessor. Some of the differences between DomainKeys and DKIM include:

  • Multiple signature algorithms (as opposed to just one available with DomainKeys)
  • More options with regard to canonicalization, that validates both header and body
  • The ability to delegate signing to third parties
  • The ability for DKIM to self-sign the DKIM-Signature header field – to protect against its being modified
  • The ability for wildcard option on some parameters
  • The ability to support signature timeouts in DNS

http://www.socketlabs.com/articles/show/email-authentication-guide?page=6

like image 72
geeknik Avatar answered Oct 20 '22 17:10

geeknik