DomainKeys Identified Mail, or DKIM, is a system for confirming the genuineness of an email message using an electronic signature. When DomainKeys Identified Mail is activated for a certain domain name, a public cryptographic key is published to the global DNS database and a private one is stored on the mail server. If a new email is sent, a signature is generated using the private key and when the email is delivered, that signature is ‘scanned’ by the incoming POP3/IMAP email server using the public key. In this way, the recipient can easily tell if the email is legitimate or if the sender’s email address has been forged. A discrepancy will appear if the content of the email message has been modified on its way as well, so DomainKeys Identified Mail can also be used to make sure that the sent and the delivered messages are identical and that nothing has been attached or erased. This email authentication system will heighten your email security, as you can validate the legitimacy of the important emails that you receive and your associates can do likewise with the emails that you send them. Depending on the given email service provider’s policies, an email that fails to pass the test may be erased or may end up in the recipient’s inbox with a warning.