I think there's an issue here with the following statement "With the newly acquired public key, the receiving server builds its own hashes and compares them with the ones received in the message." The public key in this instance can't be used to "build" the same hash and do a comparison right? Rather the public key is used to decrypt the "hash" in order to verify it was encrypted using the correspondent private key. If anyone could build the same hash using the public key that existed in the DNS record, anyone could pretend to be the sending server. Also the use of the word "hash" in this context is incorrect in my opinion, since it implies a one-way function. More correct would be using "cipher text" as it indicates it can be decrypted (in this case using asymmetric cryptography.
We, at Mailtrap, are committed to enhancing your knowledge of email authentication. Dive into this tutorial to understand DKIM, how to create a DKIM record, and its role in preventing email spoofing. Do you have any other questions about DKIM? Let us know in the comments
I have a question, for emails that are sent through multiple Smtp Relay servers, the Private key is setup in the first sending server or in each of the Smtp Relay servers? or in the final sending server?
I have a question, for emails that are sent through multiple Smtp Relay servers, the Private key is setup in the first sending server or in each of the Smtp Relay servers? or in the final sending server?
Hello. Thanks for watching and for your question! The private key should be set up in the final sending server that dispatches the email to the recipient's mail server. The DKIM signature is then validated by the recipient's server using the corresponding public key published in your DNS records. We hope this helps!
Basically it is an SSH (Secure Shell) key, one private key "the owner's key" and the other "Public" that will be sent to the other side, and if the other part has the public key, it can be open the email, if not received the key, they can't open the email.
Hello. Thank you for watching our video and for your comment. Yes, mostly you are right indeed. Stay with out channel for all things email! There's more to come!
I believe it queries the domain from one of the headers that has the sender's email address in it. The process is trying to prove that the sender is really sending from that domain.
We have a very detailed overview for DKIM in Mailtrap blog article: mailtrap.io/blog/dkim/ This video is just a quick overview for the key points. Hope you will find our article helpful!
Thank you for watching, and for your question. The thing is spoofing and phishing are a double-bind. Phishing is a type of attack. It uses deception, manipulation, etc. to induce the recipient to perform some action that the attacker wants, such as clicking on a link or opening a malicious attachment. Spoofing is a means for making certain types of attacks - such as phishing - more believable or effective. For example, an attacker performing a phishing attack may use email spoofing to make the malicious email appear to originate from a trusted source, increasing the probability that the recipient will trust the email and do what the attacker wants. Thus, by DKIM MEANS we prevent the TYPE of attack.
I think there's an issue here with the following statement "With the newly acquired public key, the receiving server builds its own hashes and compares them with the ones received in the message." The public key in this instance can't be used to "build" the same hash and do a comparison right? Rather the public key is used to decrypt the "hash" in order to verify it was encrypted using the correspondent private key. If anyone could build the same hash using the public key that existed in the DNS record, anyone could pretend to be the sending server. Also the use of the word "hash" in this context is incorrect in my opinion, since it implies a one-way function. More correct would be using "cipher text" as it indicates it can be decrypted (in this case using asymmetric cryptography.
Thank you for noticing the details!
Please, attend to our Mailtrap blog article for specific details on DKIM: mailtrap.io/blog/dkim/
Hope you will find it helpful!
We, at Mailtrap, are committed to enhancing your knowledge of email authentication. Dive into this tutorial to understand DKIM, how to create a DKIM record, and its role in preventing email spoofing. Do you have any other questions about DKIM? Let us know in the comments
I have a question, for emails that are sent through multiple Smtp Relay servers, the Private key is setup in the first sending server or in each of the Smtp Relay servers? or in the final sending server?
I have a question, for emails that are sent through multiple Smtp Relay servers, the Private key is setup in the first sending server or in each of the Smtp Relay servers? or in the final sending server?
Hello. Thanks for watching and for your question!
The private key should be set up in the final sending server that dispatches the email to the recipient's mail server. The DKIM signature is then validated by the recipient's server using the corresponding public key published in your DNS records.
We hope this helps!
@@mailtrap. but since it's a relay smtp server, we should give our private key to the smtp relay?
Basically it is an SSH (Secure Shell) key, one private key "the owner's key" and the other "Public" that will be sent to the other side, and if the other part has the public key, it can be open the email, if not received the key, they can't open the email.
Hello. Thank you for watching our video and for your comment. Yes, mostly you are right indeed.
Stay with out channel for all things email! There's more to come!
How it understands what is the public key hostname?
Does it not just use the sender hostname?
I believe it queries the domain from one of the headers that has the sender's email address in it. The process is trying to prove that the sender is really sending from that domain.
We have a very detailed overview for DKIM in Mailtrap blog article: mailtrap.io/blog/dkim/
This video is just a quick overview for the key points.
Hope you will find our article helpful!
I fail to see how this stops phishing. Spoofing, yes.
Thank you for watching, and for your question. The thing is spoofing and phishing are a double-bind.
Phishing is a type of attack. It uses deception, manipulation, etc. to induce the recipient to perform some action that the attacker wants, such as clicking on a link or opening a malicious attachment. Spoofing is a means for making certain types of attacks - such as phishing - more believable or effective. For example, an attacker performing a phishing attack may use email spoofing to make the malicious email appear to originate from a trusted source, increasing the probability that the recipient will trust the email and do what the attacker wants.
Thus, by DKIM MEANS we prevent the TYPE of attack.
Very nice video! Can I have dkim and spf registers configured even if I don't have a A or NS register, right or? Thanks
Yes, absolutely
hi.. can i use DKIM key to white label email correspondence > thank you
At the moment, at Mailtrap, we don’t allow using customers DKIM for this purpose. Otherwise, in a broad sense, it might be posiible.