DKIM operates by using the public-key cryptography approach to detect a forgery in emails and verify whether an email message was sent from a legitimate mail server. The DKIM keys help spot spam and malware-embedded emails.
DKIM involves the generation of a pair of private and public encryption keys for each server. While the private key is allotted to the sender’s server, the public key is placed on the domain owner’s DNS zone file to form a special TXT record.