The DKIM project is a portable library that signs and verifies emails using the OpenSSL library.
DomainKeys Identified Mail (DKIM) defines a domain-level authentication framework for email using public-key cryptography and key server technology to permit verification of the source and contents of messages by either Mail Transport Agents (MTAs) or Mail User Agents (MUAs).
Ok..., what does that mean?
Let's break it down into chunks:
* ... domain-level authentication framework for email
DKIM uses DNS to store the public key and policy information. This information can be used to validate an identity associated with an email message.
* using public-key cryptography and key server technology
The DKIM signing algorithm computes a SHA-1 hash of the message header and body and encrypts it using the RSA algorithm and the private key. This signature is stored in the DKIM-Signature: header of the email.
* permit verification of ...
DKIM uses the public key from DNS to decrypt the signature and compares the hash to one computed from the email message.
This package contains only a small executable for generating / verifying DKIM headers.