Domain Keys

What is it?

What is it?

DomainKeys is an email authentication technology designed to verify the integrity and authenticity of email messages by adding a digital signature to the email header. Developed by Yahoo! in collaboration with other email service providers, DomainKeys helps prevent email spoofing, phishing, and tampering by allowing receiving email servers to validate the sender's domain and ensure that the message has not been altered during transit.

Key points to remember

Key points to remember

  • Digital Signatures: DomainKeys uses cryptographic techniques to generate a unique digital signature for each outgoing email message. This signature is based on the content of the email and information about the sending domain.

  • Public Key Infrastructure (PKI): The sender's domain publishes a public key in its Domain Name System (DNS) records, which receiving email servers use to verify the authenticity of the digital signature attached to incoming emails.


  • Authentication Process: When an email is received, the receiving email server retrieves the sender's public key from the DNS records, validates the digital signature using this key, and compares it with the calculated signature based on the email content. If the signatures match, the email is considered authentic and has not been altered in transit.


  • Protection Against Spoofing: DomainKeys helps prevent email spoofing and forgery by ensuring that the sender's domain can be verified, thus increasing trust in the authenticity of the email sender.


  • Complementary Technologies: DomainKeys is often used in conjunction with other email authentication methods, such as Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting, and Conformance (DMARC), to provide comprehensive email security and anti-spoofing measures.

Example of Use

Example of Use

  1. Email Authentication: An email service provider implements DomainKeys authentication for its outgoing email servers, digitally signing all outgoing emails with DomainKeys signatures to verify their authenticity.


  2. Anti-Phishing Measures: A bank uses DomainKeys to protect its customers from phishing attacks by digitally signing all outgoing emails containing account-related information. This ensures that recipients can trust the emails' origins and contents.

Find and verify emails for free