DomainKeys Identified Mail
DKIM is required to pass DMARC. Without it, your email won't be trusted by major providers. Set up alongside SPF as part of any serious email configuration.
What It Defines
DKIM adds a cryptographic signature to outgoing email. The sending domain publishes its public key as a DNS TXT record; receiving MTAs verify the DKIM-Signature header to confirm message integrity.
Canonical (Normative)
Convenient (Practical)
The canonical publication point for finalized RFCs. If a protocol is standardized as an RFC, the RFC Editor text is the normative final reference. Published by the IETF, IRTF, IAB, and independent stream.
Related Specs
Without a correct SPF record, your domain's email will fail or be deferred by major receivers (Gmail, Outlook). Set correctly as part of basic email deliverability.
DMARC is the final layer of email authentication. Without it, your domain can be spoofed in phishing. Google and Yahoo require DMARC for bulk senders.
The record types (A, MX, TXT, CNAME) you configure in every DNS panel live in this spec. Know what you're setting.
The structure of every email header you've ever seen is defined here. Essential for email deliverability debugging and understanding DKIM header signing.