Email Deliverability · Glossary

What is DKIM?

DKIM (DomainKeys Identified Mail) is an email-authentication method that adds a cryptographic signature to every message you send. The receiving server uses a public key published in your DNS to verify the message genuinely came from your domain and wasn’t tampered with in transit — strengthening trust and deliverability.

How DKIM works

Your sending server signs each message with a private key; the matching public key lives in your DNS. Receivers check the signature to confirm authenticity and integrity. DKIM pairs with SPF and is required for DMARC alignment.

See deliverability tools

Want to see DKIM working in practice?

Keres AI uses this in every call — see how it works for your specific vertical and workflow.

Fix your deliverability →

Related terms

SPF (Sender Policy Framework)

SPF (Sender Policy Framework) is a DNS record that specifies which mail servers are authorized to send email on behalf o…

DMARC

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a DNS policy that builds on SPF and DKIM. It tel…

Email Deliverability

Email deliverability is the measure of whether your emails actually reach recipients’ primary inboxes rather than the sp…

← Back to the full glossary

FAQ

DKIM — FAQ

What’s the difference between SPF and DKIM?

SPF authorizes which servers may send for your domain; DKIM cryptographically proves the message wasn’t altered and came from you. DMARC ties them together.

See DKIM working live

Book a free 30-minute demo and watch Keres answer a call, qualify the lead, and book an appointment in under sixty seconds.

Get DKIM configured for you

Book a Demo