A secret message! The fairytale of DKIM

Once upon a time, the brave and handsome king of Rubrum Colatorium decided to send his beautiful and wise queen a message from the battlefield.

With enemies lurking all around, he needed to find a way to make sure no one got their hands on the secret communiqué.

He put his letter in a box, and put a padlock on it, for which only he had the key. When the queen received the box, she put her own padlock on the box as well (for which only she had the key) and sent the box with two locks back. The king took off his lock, and sent the box forth once more. The queen removed her lock, thereby opening the box. The box was always locked in transit, the contents secure.

This is exactly what happens in asymmetric cryptography.
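The box-and-two-padlocks exchange from the story, modelled as an added example (not code from the original post) using commuting modular-exponentiation locks, the construction known as Shamir's three-pass protocol. The modulus `P`, the sample message and the names `make_padlock`, `turn` and `exchange` are assumptions chosen for this illustration.

```python
import secrets
from math import gcd

# Public prime modulus shared by both parties (2**127 - 1, a Mersenne prime).
# Demo-sized value chosen for this example; the message must be smaller than P.
P = 2**127 - 1

def make_padlock():
    """Return (lock, unlock) exponents with lock * unlock == 1 mod (P - 1)."""
    while True:
        lock = secrets.randbelow(P - 3) + 2
        if gcd(lock, P - 1) == 1:          # invertible, so the lock can be removed
            return lock, pow(lock, -1, P - 1)

def turn(box, key):
    """Apply or remove a padlock; exponentiation mod P commutes, so order is free."""
    return pow(box, key, P)

def exchange(message: bytes):
    """Run the three trips; return the opened message and what crossed the road."""
    m = int.from_bytes(message, "big")
    if not 0 < m < P:
        raise ValueError("message must be non-zero and smaller than P")
    king_lock, king_unlock = make_padlock()     # known only to the king
    queen_lock, queen_unlock = make_padlock()   # known only to the queen
    trip1 = turn(m, king_lock)          # king -> queen: king's lock on
    trip2 = turn(trip1, queen_lock)     # queen -> king: both locks on
    trip3 = turn(trip2, king_unlock)    # king -> queen: only queen's lock left
    opened = turn(trip3, queen_unlock)  # queen opens the box
    return opened.to_bytes(len(message), "big"), (trip1, trip2, trip3)

if __name__ == "__main__":
    plaintext, in_transit = exchange(b"attack at dawn")   # constructed sample
    print(plaintext, [hex(t) for t in in_transit])
```

The box is locked on every trip, but nothing in the exchange proves whose padlock is on it: it gives secrecy in transit, not authentication of the sender.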

DKIM (DomainKeys Identified Mail), which uses asymmetric cryptography, is one of the underlying technologies used by the DMARC protocol.

If you would like to learn more about DKIM, DMARC, and how they can protect your emails against spoofing, contact us. It’s what we do!

Stay secure!

PUBLISHED BY

Red Sift

16 Apr. 2019
