What is DKIM?
DKIM (DomainKeys Identified Mail) is an email authentication method that adds a digital signature to outgoing emails. This signature is verified by receiving mail servers using a public key published in the sender's DNS records. DKIM helps prevent email spoofing and improves deliverability by proving emails truly came from the claimed domain.
How DKIM Works
DKIM works through a cryptographic signing process:
1. Signing: The sending mail server adds a DKIM-Signature header containing a cryptographic signature of certain email headers and body
- Publishing: The sending domain publishes a public key in their DNS records
- Verification: Receiving servers fetch the public key and verify the signature
- Result: If valid, the email is authenticated as genuinely from that domain
The signature covers the email content, so any tampering in transit will cause verification to fail.
DKIM in Development
When testing emails, DKIM affects your workflow in several ways:
Production Emails
- Your email service (SendGrid, Postmark, etc.) handles DKIM signing
- You need to add DKIM DNS records for your sending domain
- Improperly configured DKIM can cause emails to go to spam
Test Emails
- Test services like plop.email handle DKIM for the receiving side
- When testing your app's emails, you're testing that emails are sent, not DKIM configuration
- DKIM testing is typically done during email infrastructure setup, not in E2E tests
Testing DKIM Configuration
While plop.email focuses on functional email testing, verifying DKIM setup is part of email infrastructure:
- Use tools like mail-tester.com to check DKIM signing
- Verify your DNS records are correctly published
- Test with real inboxes (Gmail, Outlook) to confirm deliverability
- Monitor DMARC reports for DKIM failures
For E2E testing, focus on the email content and functionality, leaving DKIM verification to infrastructure tests.
Related Terms
Related Use Cases
Try dkim with plop.email
Get started with reliable email testing in minutes.