DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in emails (email spoofing), a technique often used in phishing and email spam.
This article clarifies how MailEssentials handles DKIM signatures and if there's a possibility to add a DKIM signature to outgoing emails passing through MailEssentials.
It is useful to understand how mail flows through MailEssentials so as to appreciate how emails with DKIM signature are handled, which is exactly the same way as non-DKIM emails.
In order to scan emails so as to filter out Spam and block Virus infected messages, MailEssentials retrieves the emails (DKIM or non-DKIM) from either the mail flow directly (while the mail server is receiving or sending) or from the Exchange Information Store (to scan already received and saved emails for viruses).
Regardless of the email sources mentioned above, the scanning process is always the same as illustrated below:
- The source retrieves the email and loads the Scanning Service to provide a copy of the email for scanning
- The Scanning Service loads modules to scan the email for particular properties
Inbound or outbound emails with a DKIM signature do not interfere with the regular processing in MailEssentials. MailEssentials sees the DKIM signature in the email header but treats the email just as a regular email. The DKIM signature is only in the header and does not affect the email processing in any way.
MailEssentials does not currently provide the ability to configure DKIM signature signing for outbound emails. This should be handled externally by the mail server which should insert the DKIM signature prior to sending the email to MailEssentials.
Support for DKIM validation within MailEssentials is currently an open feature request that customers can contribute to through the GFI users forum at Support for DKIM.