It is difficult for recipients to establish whether to trust or distrust any particular message or even domain, and system administrators may have to deal with complaints about spam that appears to have originated from their systems but did not.
DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing.
It allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain.
It does not directly prevent or disclose abusive behavior.
This ability to distinguish legitimate mail from potentially forged mail benefits both recipients and senders of email.
The need for this type of validated identification arose because spam often has forged addresses and content.
For example, a spam message may claim to be from [email protected] although it does not actually come from that address, domain or entity; the spammer's goal is to convince the recipient to accept and read the email.
Signature verification failure does not force rejection of the message.
Instead, the precise reasons why the authenticity of the message could not be proven should be made available to downstream and upstream processes. For the purpose of the DKIM IETF Working Group, Yahoo!
It is intended to prevent forged sender addresses in emails, a technique often used in phishing and email spam.
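The following is an added example, not code from the original page or from any DKIM implementation. It shows one part of the receiver-side check described above: recomputing the body hash carried in a DKIM-Signature header (RFC 6376 `simple` and `relaxed` body canonicalization) and, on failure, returning a record that states the reason instead of rejecting the message. The function names, the record fields, the `body-ok` value and the sample domain and selector are assumptions made for this sketch; the `l=` tag and verification of the `b=` signature against the published key are left out.

```python
import base64
import hashlib
import re

def parse_tags(value):
    """Split a DKIM-Signature tag list ("tag=value; ...") into a dict."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, v in pairs}

def canon_body(body, mode):
    """RFC 6376 body canonicalization: 'simple' or 'relaxed'."""
    if mode == "relaxed":
        # Collapse runs of whitespace and drop whitespace at line ends.
        body = b"\r\n".join(re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ")
                            for ln in body.split(b"\r\n"))
    while body.endswith(b"\r\n"):  # ignore empty lines at the end of the body
        body = body[:-2]
    # simple: an empty body becomes a single CRLF; relaxed: it stays empty
    return body + b"\r\n" if body or mode == "simple" else body

def body_hash(body, mode="simple"):
    digest = hashlib.sha256(canon_body(body, mode)).digest()
    return base64.b64encode(digest).decode()

def check_body_hash(sig_value, body):
    """Return a verdict record with the failure reason; never reject here."""
    tags = parse_tags(sig_value)
    missing = [t for t in ("d", "s", "bh", "a") if t not in tags]
    if missing:
        return {"result": "permerror", "reason": "missing tag(s): " + ",".join(missing)}
    if not tags["a"].endswith("-sha256"):
        return {"result": "permerror", "reason": "unsupported algorithm " + tags["a"]}
    # c= is header/body; a missing body part means 'simple'
    mode = tags.get("c", "simple/simple").partition("/")[2] or "simple"
    record = {"domain": tags["d"], "key_query": f'{tags["s"]}._domainkey.{tags["d"]}'}
    if body_hash(body, mode) != tags["bh"]:
        return {**record, "result": "fail", "reason": "body hash did not verify"}
    # Body is intact; b= must still be verified with the key found at key_query.
    return {**record, "result": "body-ok", "reason": ""}

# Constructed sample: domain, selector and body are made up for this example.
SAMPLE_BODY = b"Quarterly report   attached.\r\n\r\n\r\n"
SAMPLE_SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel2024;\r\n"
              "\th=from:to:subject; bh=" + body_hash(SAMPLE_BODY, "relaxed") + "; b=")

if __name__ == "__main__":
    print(check_body_hash(SAMPLE_SIG, SAMPLE_BODY))
    print(check_body_hash(SAMPLE_SIG, SAMPLE_BODY.replace(b"report", b"invoice")))
```

The record returned on failure is what a receiver would pass to downstream filtering or reporting, leaving the accept-or-reject decision to local policy.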