Ask most people these days what SPAM is and it'll be commonly accepted that it's grown to become a nuisance of the 21st century. Phishing and other privacy hijacking make opening your inbox more like opening Pandora's box.

The internet has grown in tandem with it's specifications, guidelines of protocol but, in my opinion, email has been less fortunate.

In an attempt to quell the increasing tide of SPAM Yahoo and Cisco implememented "DomainKeys" and "Indentified Internet Mail" respectively which later merged to become DomainKeys Identified Mail (DKIM), an IETF standards-track signature-based mechanism for authenticating email messages.

It wasn't until I came across Yahoo's over zealous spam-filter "SpamGuard" that I knew anything other than what DKIM stood for, but now I'm trying to write code to allow user's to send themselves legitimate email. In the instance of @yahoo domains that's proving less successful.

In an effort to embrace the philosophy :

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.


I've set about trying to understand the additional signature headers and hashing algorithms for public/private key tokens to implement this with PHP. In summary I have established the following :

  1. The first thing to do is establish private and public keys
  2. You need to add a Resource Record(RR) to your DNS zone file. This is constructed with DKIM specification syntax
  3. Lastly your email is 'wrapped' in DKIM hashing. Additional headers, again to specification syntax, are added.

As I figure out more I'll add it to this post.

Further Reading