DKIM stands for DomainKeys Identified Mail and is used for the authentication of an email that’s being sent. It is an email security standard designed to make sure messages aren’t altered in transit between the sending and recipient servers.

It uses public-key cryptography to sign email with a private key as it leaves a sending server. Recipient servers then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the message hasn’t changed during transit. Once the signature is verified with the public key by the recipient server, the message passes DKIM and is considered authentic.

DomainKeys Identified Mail(DKIM) protects against spoofing of the content of the email(both body and headers), by adding a cryptographic hash of the entire email as an SMTP header. If a message passes DKIM, then you know that the body of the message hasn’t been modified since the message was cryptographically signed.