search cancel

How third party DKIM signing interacts with Email Security.Cloud

book

Article ID: 150687

calendar_today

Updated On:

Products

Email Security.cloud Email Threat Detection and Response

Issue/Introduction

 

Resolution

This article explains how the DomainKeys Identified Mail (DKIM) technology interacts with the Email Security.cloud Services (ESS).

DKIM is a technology that enables the recipient to verify that authorized sources send the emails. And that the body of emails was not modified during transit. It uses cryptographic key pairs together with hash functions to provide a mechanism to verify the authenticity and integrity of emails.

The basic function of ESS is that of a relay, it acts as an intermediary between the sender and recipient. It processes traffic and applies security filters, in accordance with the customer's preferences. From our position of intermediary, the DKIM technology has no application. It is designed to be processed at the end of an email's path. Therefore, please take into account the following considerations:

  • Actions taken by the customer on the ESS filters or services, which changes the email Body (for example the Tag Subject action, Email Disclaimers, or Click-time URL Protection), breaks the DKIM signature. It may cause delivery failures, depending on the recipient domain's mail server configuration.
  • Many public cloud email service providers, such as Gmail and Hotmail, automatically enable and use DKIM.
  • DKIM is a free to use technology. Not all mail servers and services use DKIM to check emails. When DKIM is verified, different mail servers may take different actions based on its results, according to their particular configuration.

We recommend that you use DKIM signing offered by Email Security.Cloud to avoid mail delivery issues.