Overview
DomainKeys Identified Mail (DKIM) is an email-authentication method that verifies the authenticity of an email message using public-key cryptography. A digital signature is added to the message header; the signature can be verified against a public key published in DNS under the sending domain. DKIM prevents email spoofing and allows recipients to confirm that a message genuinely originated from the claimed domain.
Signing
Stalwart can automatically sign outgoing messages with one or more DKIM signatures. The following algorithms are supported:
Verifying
Stalwart can verify the DKIM signatures of incoming messages using the ED25519-SHA256, RSA-SHA256, or RSA-SHA1 algorithms. Verification is configured on the SenderAuth singleton (found in the WebUI under Settings › MTA › Inbound › Sender Authentication).