top of page
  • OpaCyber

Why your outbound email security sucks and what you can do about it - part 3

We know you have eagerly been waiting for part three of our email series. Fear not, here it is. Part 3 - Dkim!

So, in part two (SPF) we gave the analogy of sending a letter and how confusion can reign when the email (letter) is forwarded

Like a knight in shining armour here comes Dkim to the rescue!

In our previous example, Peter sends a letter to Paul, who forwards it to Mary

THIS TIME though, when Mary receives the letter she doesn’t care about the header on the letter OR the envelope

Why? Because the letter is signed by Peter and she knows his signature. Ha!

This is what Dkim does. It “signs” the email as authentic and verifies that it has not been tampered with en route. This is not the same as the signature in the footer of someone’s email 🤣 (This signing is done by means of Public-key Infrastructure (PKI) which is asymmetric encryption using a public and private key pair). Don’t worry about the technicalities of that though 🤣🤣)

When it comes to Sender Verification, ideally both SPF and Dkim should be set up**. Dkim having a distinct advantage over SPF because it doesn’t “break” when a message is forwarded

**CORRECTLY. That’s the hard part. That’s where we can help

We know, we know. Now you are all over-excited in anticipation for part 4, Dmarc! In order to save you from an anxiety attack we’ll try to bring you that very soon 🤣

Previous post, SPF:

Next post, Dmarc:


bottom of page