I did a lot of digging on the web with no result. This is my question. I know what DKIM is and I know where the private and public keys for DKIM are kept.
When a mail server which supports DKIM is sending email, it signs specific parts of the message with the private key and puts the hash of the selected parts into the mail header. I understand this completely.
But when the recipient receives the email, it will query the DNS server of the sending domain for the Public Key of the DKIM.
So how does the mail server use the public key to validate the identity of the received message?
Could you please explain it to me in detail? Regards
The receiving email server does two things:
Assuming the message is valid, the decrypted signature computed in (2) should match the hash computed in (1).
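The comparison described in the answer above, as an added example that is not part of the original answer: the receiver hashes the signed parts itself, applies the public key to the signature, and checks that the two values match. The key is a constructed toy key, the function names are hypothetical, and `signed_data` is a simplified stand-in for the canonicalization and `bh=` body hash that RFC 6376 defines.

```python
import hashlib

# Constructed toy RSA key for the demo only: two Mersenne primes, trivially
# factorable, never usable as a real DKIM key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public half: what the DNS TXT record publishes
D = pow(E, -1, (P - 1) * (Q - 1))    # private half: stays on the sending server
K = (N.bit_length() + 7) // 8        # modulus length in bytes

# ASN.1 DigestInfo prefix for SHA-256 (PKCS#1 v1.5, RFC 8017)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def signed_data(headers, names, body):
    """Simplified stand-in for DKIM canonicalization: selected headers + body hash."""
    bh = hashlib.sha256(body.encode()).hexdigest()
    lines = [f"{n.lower()}:{headers[n].strip()}" for n in names]
    return "\r\n".join(lines + [f"bh={bh}"]).encode()

def encode(digest):
    """EMSA-PKCS1-v1_5 encoding of a SHA-256 digest, padded to K bytes."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign(headers, names, body):
    """Sender: hash the selected parts, then apply the private exponent."""
    em = encode(hashlib.sha256(signed_data(headers, names, body)).digest())
    return pow(int.from_bytes(em, "big"), D, N)

def verify(headers, names, body, signature):
    """Receiver: hash what arrived, recover the signer's value, compare."""
    # Hash computed by the receiver over the message as it arrived
    expected = encode(hashlib.sha256(signed_data(headers, names, body)).digest())
    # Value recovered from the signature using only the public key (E, N)
    recovered = pow(signature, E, N).to_bytes(K, "big")
    return recovered == expected

# Constructed sample message
HEADERS = {"From": "alice@example.com", "To": "bob@example.net", "Subject": "Invoice"}
NAMES = ["From", "To", "Subject"]
BODY = "Please find the invoice attached.\r\n"
SIG = sign(HEADERS, NAMES, BODY)

if __name__ == "__main__":
    print("untouched:      ", verify(HEADERS, NAMES, BODY, SIG))
    print("subject changed:", verify({**HEADERS, "Subject": "Urgent"}, NAMES, BODY, SIG))
    print("body changed:   ", verify(HEADERS, NAMES, BODY + "PS", SIG))
```

Only a holder of the private exponent can produce a signature that the public exponent maps back to the receiver's own hash, which is why a match ties the message to the domain that published the key.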