Skip to main content

DKIM Signature

EmailDKIM (DomainKeys Identified Mail) is an internet standard used to detect forged sender addresses in email messages. This email authentication method is often used by organization to protect their email users from phishing and spam.

All email notifications that 4me generates are now signed with a DKIM-Signature email header. This can be verified in the raw source of an email notification generated by 4me by looking for dkim=pass.

For now, 4me’s DKIM domain, selector and keys are used for all outbound email that 4me generates. In the next release, this functionality will be expanded to allow each account to define their own DKIM domain, selector and keys.

An example of an email header with a DKIM-Signature looks like this:

Authentication-Results: mx.google.com;
       dkim=pass [email protected] header.s=default header.b=A3+wPyDZ;
       spf=pass (google.com: domain of [email protected] designates 184.72.240.72 as permitted sender) [email protected]
[ … ]
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=4me.com; q=dns/txt; s=default; t=1550885929; bh=m4/PdWqIcLZZBw4CdKJTmaQXKpVlqXq+h0PISCoHs7s=; h=date:from:reply-to:to:message-id:subject:mime-version:content-type:content-transfer-encoding; b=A3+wPyDZGfOQM8gI5DuyOMKDJZOTyDSg7FYJJpOsaCxL0BXFSktu3/MMB+StjTsL/ogHoU3y8jgYli3sQtgBff0SDGbhNKtE7MYQKK5a6Da5sDlOWX/+XRSIvE0f+iiLoUUGY2cOGetO+gB6HZapIxNf+Pl2lmYEBI4rN9d2wZYL+1a4rtwcjUkOqWWaj6FFG5bx8eUBEzNfh0zzFdrndxfjWR9zMZnsdHRoFWzWSZGQ6mzYGVibwtbpsMx3bOzHVRrLAObTsCblkpWsRNoFF4KTfNtHFNnSKzPMALu+1mGhf//w77eQIwcrwUDEjfddvxAP6cpCzRYEMcKDrX+qVQ==
Date: Tue, 05 Mar 2019 01:38:49 +0000
From: Widget Service Desk
Reply-To: Widget Service Desk