Introduction
This document describes the conditions that produce certain authentication results for DKIM.
Results
DomainKeys Identified Mail (DKIM) is an email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain's administrators.
The Cisco Email Security Appliance (ESA) can produce following result with DKIM signing and verification ON/OFF:
DKIM signature (Sending End) |
DKIM Verification (Receiving End) |
Result |
| ON |
ON |
Pass/Permerror/Temperror/Hardfail |
| ON |
OFF |
None |
| OFF |
OFF |
None |
| OFF |
ON |
Neutral |
Pass. The message passed the authentication tests.
Neutral. Authentication was not performed.
Temperror. A recoverable error occurred.
Permerror. An unrecoverable error occurred.
Hardfail. The authentication tests failed.
None. The message was not signed.
If the verification of DKIM is OFF in Mail Flow Policies at the receiving end, then the DKIM result will not be displayed in mail logs. However, a result of "none" can be matched in the content filters.
Related Information
Feedback