Difference between revisions of "DomainKeys Identified Mail"

From ForensicsWiki
Jump to: navigation, search
m (Added reference)
(External Links)
Line 19: Line 19:
* [http://www.dkim.org/ Official website]
* [http://www.dkim.org/ Official website]
* [http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail Wikipedia entry on DKIM]
* [http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail Wikipedia entry on DKIM]
* [http://kegel.com/validating-email-with-dkim.html Dan Kegel's mini-howto on checking a DKIM signature]

Latest revision as of 15:57, 1 September 2011

Information icon.png

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

DomainKeys Identified Mail (DKIM) is a method for signing email messages to help eliminate spam.

The signature in each message should give the domain (d=) and selector (s=). The appropriate key can be retrived as a TXT DNS record from the host selector._domainkey.domain [1]. A sample message from Gmail had the following DKIM header:

DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed;
        d=gmail.com; s=beta;

We can thus retrieve the Gmail key with:

$ host -t txt beta._domainkey.gmail.com
beta._domainkey.gmail.com descriptive text "t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC69TURXN3oNfz+G/m3g5rt4P6nsKmVgU1D6cw2X6BnxKJNlQKm10f8tMx6P6bN7juTR1BeD8ubaGqtzm2rWK4LiMJqhoQcwQziGbK1zp/MkdXZEWMCflLY6oUITrivK7JNOLXtZbdxJG2y/RAHGswKKyVhSP9niRsZF/IBr5p8uQIDAQAB"

External Links