DKIM, or DomainKeys Identified Mail, is an email authentication method designed to detect forged sender addresses in emails, a common tactic in phishing and spam. It works by allowing the sender’s mail server to attach a digital signature to each outgoing email. This signature is generated using a private cryptographic key and can be verified by the recipient’s mail server using the sender’s public key, which is published in the domain’s DNS records. If the signature matches, it confirms the email has not been altered and is genuinely from the claimed domain. DKIM helps improve email security and deliverability by reducing the risk of spoofing.