ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "DomainKeys Identified Mail"

From ForensicsWiki
Jump to: navigation, search
m (Added reference)
(External Links)
Line 19: Line 19:
* [ Official website]
* [ Official website]
* [ Wikipedia entry on DKIM]
* [ Wikipedia entry on DKIM]
* [ Dan Kegel's mini-howto on checking a DKIM signature]

Latest revision as of 15:57, 1 September 2011

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

DomainKeys Identified Mail (DKIM) is a method for signing email messages to help eliminate spam.

The signature in each message should give the domain (d=) and selector (s=). The appropriate key can be retrived as a TXT DNS record from the host selector._domainkey.domain [1]. A sample message from Gmail had the following DKIM header:

DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;; s=beta;

We can thus retrieve the Gmail key with:

$ host -t txt descriptive text "t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB"

External Links