DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in emails, a technique often used in phishing and email spam.
B) DKIM uses a pair of cryptographic keys (a private key and a public key). The sending mail server uses the private key to generate a digital signature for specific parts of the email (such as the headers and body). This signature is then added to the email's header. The receiving mail server retrieves the public key from the sender's DNS records to verify the signature. If the signature is valid, it confirms that the email was indeed sent from the purported domain and that its content hasn't been tampered with during transit. This mechanism effectively prevents email domain impersonation.
A) While DKIM does use cryptographic techniques, its primary purpose isn't to scramble email contents but to sign specific parts of the email to verify authenticity and integrity.
C) DKIM itself does not automatically delete emails from unverified domains. Instead, it provides a way to verify the legitimacy of the email, and mail servers can then decide how to handle emails based on DKIM verification results, often in combination with other authentication methods like SPF and DMARC.
D) DKIM automates the process of verifying email authenticity through cryptographic signatures, eliminating the need for manual verification by network administrators.