What Is a DKIM-Signature Header?

A DKIM-Signature header is the signature of an email, containing all of the signature and key-fetching data necessary to cryptographically verify the message. This header is appended to an email by the original sender and consists of a tag-list of data used for the verifying function. It's then used to perform DKIM verification tests to validate that the message is legitimate and not spam/phishing.

The DKIM-Signature header contains important information about the sender, the message, and the public key location required for verification. These pieces of information are referred to as tags, with each having a specific value. For example, the d tag in the header stands for the DKIM domain, which is the domain that sent the message and the one used to find the public key used in DKIM verification.

Where Do I Find the DKIM Header?

The DKIM-Signature header can be found by viewing the original headers of the email. For a quick guide explaining how to find/get email headers for popular mail providers, please check out our How to Find Email Headers page. Once you've accessed the original email header, look for a header named DKIM-Signature. (Note: There can be multiple DKIM-Signature headers in an individual email depending on the number of times an email has been forwarded or routed). This header will contain a list of tags, which is highlighted in the below image.

 

burritos@banana-pancakes.com braunstrowman@banana-pancakes.com finnbalor@banana-pancakes.com ricflair@banana-pancakes.com randysavage@banana-pancakes.com