DomainKeys
The aim of DomainKeys is to stop the practice of changing an e-mail message's header information so that it appears to have been sent by someone else.
DomainKeys is designed to let receiving e-mail systems confirm that a message in fact originated from a user authorised to send e-mail for the domain stated in the header. DomainKeys uses public-key cryptography to accomplish this validation. The outgoing message is digitally "signed" with a private key, while the receiving e-mail system uses the corresponding public key to validate the signature.
Mailtraq provides the Administrator with a Wizard to simplify the creation of a DomainKey with which you can sign outgoing mail.
Background
DomainKeys adds a header named "DomainKey-Signature" that contains a digital signature of the contents of the mail message. By default, the authentication mechanism uses SHA-1 as the cryptographic hash and RSA as the public-key scheme, and encodes the encrypted hash using Base64.
The receiving SMTP server then uses the name of the domain from which the mail originated, the string _domainkey, and a selector from the header to perform a DNS lookup; the returned data includes that domain's public key. The receiver can then decrypt the hash value in the header field and at the same time recalculate the hash value for the mail body that was received, from the point immediately following the "DomainKey-Signature:" header. If the two values match, this cryptographically proves that the mail did in fact originate at the purported domain, and has not been tampered with in transit.
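The receiver-side steps described above, as an added Python example (not Mailtraq's code): it builds the DNS query name from the selector and domain, recomputes the SHA-1 hash over everything following the "DomainKey-Signature:" header, and compares it with the RSA-recovered value. Assumptions: the key is a constructed toy key built from two Mersenne primes, the public key is passed in directly instead of being fetched from DNS, and canonicalization and the h= header list are omitted.

```python
import base64, hashlib, re

# DER DigestInfo prefix for SHA-1, as used by RSA PKCS#1 v1.5 signatures.
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")
# Constructed toy key from two Mersenne primes: demo only, trivially factorable.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

def encode_sha1(data: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding of SHA-1(data), padded to the modulus length."""
    t = SHA1_PREFIX + hashlib.sha1(data).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def split_at_signature(message: bytes):
    """Return (tags, bytes following the DomainKey-Signature header)."""
    headers_end = message.index(b"\r\n\r\n") + 2
    m = re.search(rb"(?im)^DomainKey-Signature:((?:.*\r\n[ \t])*.*)\r\n", message[:headers_end])
    if m is None:
        raise ValueError("no DomainKey-Signature header")
    tags = {}
    for part in m.group(1).decode("ascii").split(";"):
        name, _, value = part.partition("=")
        tags[name.strip()] = re.sub(r"\s+", "", value)  # unfold and drop whitespace
    return tags, message[m.end():]

def dns_query_name(tags: dict) -> str:
    """Name the receiver looks up to fetch the signer's public key."""
    return f"{tags['s']}._domainkey.{tags['d']}"

def verify(message: bytes, n: int = N, e: int = E) -> bool:
    """Recover the signed value with the public key and compare it with the recomputed hash."""
    tags, signed = split_at_signature(message)
    sig = int.from_bytes(base64.b64decode(tags["b"]), "big")
    if sig >= n:
        return False
    return pow(sig, e, n).to_bytes(K, "big") == encode_sha1(signed)

def sign(rest: bytes, domain: str, selector: str) -> bytes:
    """Sender side: prepend a signature header covering `rest`."""
    sig = pow(int.from_bytes(encode_sha1(rest), "big"), D, N).to_bytes(K, "big")
    b64 = base64.b64encode(sig).decode()
    return f"DomainKey-Signature: a=rsa-sha1; q=dns; d={domain}; s={selector}; b={b64}\r\n".encode() + rest

# Constructed sample message (not taken from any real mail flow).
REST = b"From: alice@example.com\r\nSubject: hello\r\n\r\nInvoice attached.\r\n"
SIGNED = sign(REST, "example.com", "sel1")
if __name__ == "__main__":
    tags, _ = split_at_signature(SIGNED)
    print(dns_query_name(tags), verify(SIGNED), verify(SIGNED.replace(b"Invoice", b"Invoicf")))
```

Changing a single byte after the signature header makes `verify` return False, which is the tamper detection the paragraph describes.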
Read more about the background and methods used with DomainKeys here.