This is the second in a new ongoing series for us that gives you the tips and tricks you need for successful DMARC deployment . Read the previous tip here.
DomainKeys Identified Mail (DKIM) is the successor to Yahoo DomainKeys. Both share similarities, however DKIM has the additional aspects of Cisco's Identified Internet Mail standard (IIM). The enhancements to this standard gives more security and flexibility then DomainKeys alone. Some of the main differences between DomainKeys vs DKIM are the following:
- DKIM allows for multiple signature algorithms (DK only allows one)
- DKIM has more options which would allow you to validate both header and body.
- DKIM allows third parties to sign.
- DKIM allows self-sign the DKIM-Signature header field (helps protect against modification)
- DKIM gives you the option to use wildcard on some parameters.
- DKIM supports signature timeouts in DNS.
