DomainKeys Identified Mail (DKIM for short) is used to secure the message header and the body of an email. In addition to the sender in the message header, other components such as subject and recipient can also be verified. Technically, this works with signatures that can be verified with the help of an entry in the DNS. If the signature is incorrect, the mail can be recognized as forged without hesitation. So, you can use a DKIM signature check to ensure that the data displayed is correct.

It’s a good idea to always combine a DKIM record in DNS with a DMARC record. This tells the recipient that all emails from the sender domain must have a valid DKIM signature or SPF record. This makes it easier to detect fake emails and reliably fend them off.