Question
Does Signature 365 support DomainKeys Identified Mail (DKIM)?
Answer
Yes, Signature 365 supports DKIM. Signature 365 removes DKIM headers when processing email, but DKIM is re-applied by Microsoft 365 after email is processed by Signature 365 and before it is delivered to recipients.
More information
DKIM is one of the trio of Authentication methods (SPF, DKIM and DMARC) that help prevent attackers from sending messages that look like they come from your domain.
DKIM lets you add a digital signature to outbound email messages in the message header. When you configure DKIM, you authorize your domain to associate, or sign, its name to an email message using cryptographic authentication. Email systems that get email from your domain can use this digital signature to help verify whether incoming email is legitimate.
In basic, a private key encrypts the header in a domain's outgoing email. The public key is published in the domain's DNS records, and receiving servers can use that key to decode the signature. DKIM verification helps the receiving servers confirm the mail is really coming from your domain and not someone spoofing your domain.