DKIM

DomainKeys Identified Mail (DKIM) is an email authentication protocol that verifies the authenticity of an email and prevents unauthorized changes to its contents. DKIM is an open standard that uses public key cryptography to assign a private key to each outgoing email. The recipient's server then uses the public key in the DKIM record to decrypt the signature and confirm that the email is authentic.

DKIM is an important tool for preventing spam, spoofing, and phishing attacks. It's often used in conjunction with other email authentication methods, such as Sender Policy Framework (SPF) and Domain-based Message Authentication Reporting and Conformance (DMARC). Emails that don't pass DKIM and SPF checks may be marked as spam or rejected by email servers.

DKIM is an industry-standard, defined in RFC 6376 and updated in RFC 8301 and RFC 8463. Most email providers, including Microsoft, make it relatively easy to set up DKIM for an organization.