DomainKeys Identified Mail, or DKIM, is a method for validating the legitimacy of an email message using an electronic signature. When DomainKeys Identified Mail is activated for a specific domain, a public cryptographic key is published to the global DNS system and a private one is kept on the mail server. When a new email is sent, a signature is generated using the private key and when the email is delivered, that signature is ‘scanned’ by the POP3/IMAP server using the public key. Thus, the receiver can easily know if the email message is genuine or if the sender’s email address has been spoofed. A mismatch will occur if the content of the email message has been changed on its way as well, so DomainKeys Identified Mail can also be used to ensure that the sent and the delivered email messages are identical and that nothing has been attached or deleted. This validation system will boost your email security, as you can validate the legitimacy of the important email messages that you receive and your associates can do the exact same thing with the email messages that you send them. Depending on the particular email provider’s adopted policy, an email that fails the test may be removed or may enter the recipient’s mailbox with a warning alert.