What is DKIM Alignment?
DKIM Alignment helps domain owners verify the sending domain's authority over the sent email. This is done through 2 signatures found in the message body (appended during DKIM signing). The domain names displayed in both the signatures give away the true identity of the sender:
1. The mail From: domain
2. The domain in the d= tag in the DKIM-Signature header (DKIM signing domain)
DKIM alignment modes (included in your DMARC record)
1. Relaxed (adkim=r) : an organizational match between the the DKIM signature domain and the mail From: domain is enough for DKIM alignment to pass, instead of an exact match.
2. Strict (adkim=s) : an exact match between the the DKIM signature domain and the mail From: domain is is needed for DKIM alignment to pass.
Example 1: DKIM alignment passed
DKIM-Signature: v=1; ...; d=domain.com; ...
From: mailfrom@domain.com
The domain name (domain.com) in the DKIM signature header perfectly matches the domain name in the mail From: header. Hence DKIM alignment passes.
Example 2: DKIM alignment failed
DKIM-Signature: v=1; ...; d=xyz.org; ...
From: mailfrom@domain.com
The domain name (domain.com) in the DKIM signature header does not match the domain name in the mail From: header. Hence DKIM alignment fails.
DKIM pass exception: Using a relaxed DKIM mode of enforcement
Example:
DKIM-Signature: v=1; adkim=r...; d=domain.com; ...
From: mailfrom@marketing.domain.com
The domain name (domain.com) in the DKIM signature header matches the organizational domain name in the mail From: header. Since the DKIM alignment mode is set to relaxed (adkim=r),an organizational match is enough for DKIM alignment to pass, instead of an exact match.
Note: DKIM alignment mode if set to adkim=s (strict) will lead to alignmnent failures in case of organizational domain matches
Standard Email Protocols: SMTP, POP3 & IMAP Free4 m- What is Email Security? Free4 m
- Email Security Practices Free4 m
- Building an Email Security Compliance Model Free5 m
- Corporate Email Security Checklist Free3 m 30 s
- What is the difference between Inbound email security and outbound email security? Free4 m
- What is Information Security? Free4 m
- Zero Trust Security Model Free3 m
- What is SPF Alignment? Free3 m
- How to Set Up Microsoft Office 365 SPF record? Free4 m
- How to Set Up Google Workspace SPF Record? Free2 m
- How to Set Up MailChimp SPF Record? Free3 m
- How to Set Up SendGrid SPF Record? Free2 m
- How to Set Up Salesforce SPF Record? Free3 m
- How to Setup Zoho Mail SPF Record? Free2 m
- What is DMARC Compliance? Free2 m
- The Benefits of DMARC Free2 m
- DMARC Configuring Free3 m
- Achieving DMARC Enforcement Free2 m
- DMARC Vs Antispam Solutions Free2 m
- DMARC Identifier Alignment Free2 m
- DMARC sp Tag Exceptions & Uses Free1 m
- Configuring DMARC without DKIM Free3 m
- Configuring DMARC without SPF Free2 m
- DMARC Aggregate Report Views Free3 m
Video - PowerDMARC Aggregate Reports Free2 m 13 s- DMARC Forensic Report Views Free2 m
- Video - PowerDMARC Forensic Reports Free
- DMARC Forensic PGP Encryption and Decryption Free2 m
- TLS Report Views Free3 m
- Video - PowerDMARC TLS Reports Free
- PDF/CSV Reports Free2 m
- Video - PowerDMARC PDF/CSV Reports Free1 m 1 s