SPF, DMARC and, DKIM are the email security protocols used by companies or
businesses to prevent various phishing attacks. Phishing and email spam are
the biggest opportunities for hackers to enter the network. If a user clicks
on a malicious email attachment, it can compromise an entire enterprise with
ransomware, crypto-jacking scripts, data leakages, or privilege escalation
exploits.
|
Source - From the Internet
|
DKIM is an acronym for DomainKeys Identified Mail. When sending an email
from a server that has DKIM configured, the server will hash the body and the
header of the email separately. It will then, create a signature with a
private key which will send along with the email.
When the receiver receives the email, it will do a DNS request to the domain
that the email claim it is from. By doing so, the receiver will get the public
key which is the DKIM-record. It will then with the key can verify the
signature is correct or not, and by doing so it will confirm that the sender
is genuine and the mail has not been manipulated on its way there.
CHECKING FOR DKIM RECORDS
|
DKIM Records Lookup by MX Toolbox
|
-
Enter the domain name and selector (A DKIM selector is text, that is
added with the domain to create a unique DNS record used during DKIM.
This allows multiple keys to exist under one domain which allows for
different signatures to be created by different systems, date ranges, or
third-party services). For example, GitHub.com.
-
If you get the results in the following way that means the website has
DKIM records and it's safe.
If the website does not have the Records,
check the below section.
Create DKIM Records
Ideally, your mail server will provide a tool that allows you to create the
information right on the server. (For SmarterMail users, information on
“Setting Up Email Signing” is available in the Help documentation). Regardless
of how you create your record, the following information is part of it:
-
s - This is the selector and it indicates the record “name”
used with the domain to locate the public key in DNS. The sender creates
this (again, ideally automatically).
-
d - This indicates the domain, used by the sender. Used with
the selector record and helps locate the public key.
-
p - This is the actual public key that gets published to DNS
as part of the record. Therefore, it will look like a random set of upper
and lower case letters, numbers, and some punctuation marks.
These are the three key parts of a DKIM record. Other tags are available, but
these three are the most commonly used. Therefore, a typical DKIM record will
look like this:
2B8U4DAB93D58YR._domainKey.yourdomain.com;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1TaNgLlSyQMNWVLNLvyY/neDgaL2oqQE8T5illKqCgDtFHc8eHVAU+nlcaGmrKmDMw9dbgiGk1ocgZ56NR4ycfUHwQhvQPMUZw0cveel/8EAGoi/UyPmqfcPibytH81NFtTMAxUeM4Op8A6iHkvAMj5qLf4YRNsTkKAV
In the above, you’ll find the following:
- Selector (s): 2B8U4DAB93D58YR
- Domain (d): yourdomain.com
-
Public Key (p):
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1TaNgLlSyQMNWVLNLvyY/neDgaL2oqQE8T5illKqCgDtFHc8eHVAU+nlcaGmrKmDMw9dbgiGk1ocgZ56NR4ycfUHwQhvQPMUZw0cveel/8EAGoi/UyPmqfcPibytH81NFtTMAxUeM4Op8A6iHkvAMj5qLf4YRNsTkKAV
The other information in the record will
be added automatically, but it is generally the same regardless of how the
record is created. (I.e., _domainKey).
You might also interested in,
We hope this helps. If any suggestions or doubts you can add a comment and
we will reply as soon as possible.
SPF, DMARC and, DKIM are the email security protocols used by companies or businesses to prevent various phishing attacks. Phishi...