DKIM is a free technology that is used to link a piece of email back to a domain. When an email is sent, it is signed using a private domain key and then validated on the receiving mail server (or ISP) using a public key that is located within the DNS. This action authenticates that the content of the email was not modified during its transfer. It prevents someone from intercepting your email, altering it, then sending it along with altered information.
DKIM signatures can survive forwarding, which makes it superior to SPF and a great way to secure your email.
Together when monitored on a domain, SPF and DKIM are how dmarcian can tell you what’s happening and how to add specific DMARC policies based on this feedback. You can always verify if an email message has been properly signed with DKIM or is passing SPF by simply checking the message headers within the code.