DKIM (DomainKeys Identified Mail) is an email authentication method that is designed to detect forged sender addresses in emails. 4me now allows organizations to use their own DKIM keys. Combined with DMARC (Domain-based Message Authentication, Reporting and Conformance), organizations can now set up their 4me Email Policy and the DNS entries for their internet domain in such a way that the email notifications that 4me generates on their behalf can be authenticated.
That way, when 4me sends out an email with a ‘From’ address of the organization’s internet domain, the recipient can use the DKIM keys to verify that these messages were indeed sent by a sender that was authorized to use the organization’s internet domain in the ‘From’ address.
Organizations that have set up a directory account can reuse their directory account’s DKIM keys in all of their support domain accounts. However, if the internet domain specified in the ‘From email address’ field of a support domain’s email policy does not match the DKIM domain of its directory account, then all outbound messages will have a valid DKIM signature signed with the keys from the directory account, but DMARC will fail because the DKIM signature must be signed with the keys for the domain taken from the From: field of the email messages in order to pass.