DKIM keys
Manage your DKIM keys to sign and authenticate outbound emails.
Introduction
DomainKeys Identified Mail (DKIM) is used to authorize an email by verifying its digital signature, which associates a domain name with the email.
Outbound DKIM signing
To set up outbound DKIM signing, you need to generate a DKIM key in Sophos Email.
A public key is generated which you use to create and publish a DKIM TXT record, and a private key in generated in the background.
When the receiving mail server sees that an email has a DKIM signature, it does a DNS lookup to find the DKIM TXT record associated with the sending domain. It uses the public key to decrypt the digital signature back to the hash value. It then takes the elements of the message that were signed and creates it's own hash that it compares it to the decrypted hash. If these do not match, the DKIM check will fail.
Add a DKIM key
Add a DKIM record to your domain so that outgoing mail will be signed and authenticated against your domain.