DKIM is Domain Keys Identified Mail, the standard used to protect both email sender and email receiver from a phishing attack, spam, and spoofing. DKIM help to recognize at inbound email server that message received is from a trusted source. In order to prevent receiving spam, DKIM uses the term “public key cryptography” to the receiver server that the message is sent from trust source.
DKIM is updated in Domain Name System (DNS) as a signature at the header of the email message. IT publishes a cryptographic public key in TXT record in DNS, it will help to identify that message has a valid digital signature and message can be accepted into an inbox.
Domain Keys Identified Mail DKIM provides an encryption key with a digital signature on the server that verifies that an email message was true.
IF you are sending transactional or Business promotional emails, it is compulsory to email authenticate your outgoing messages as a true and valid source has sent an email. You also have to get check your SPF and DMARC records updated correctly in DNS with DKIM. All three records updated correctly in DNS will improve email inbox deliverability.
The ISPs like Gmail, Yahoo, and Hotmail and Microsoft demands message received from email authenticated source, if your authentication does not match, your email will be sent to spam or flagged. But some ISPs allow email messages without SPF, DKIM and DMARC authentications, but major ISPs do not and they are very strict.
To get better inbox deliverability DKIM keys should be changed 3 to 4 times every calendar year. This is because hackers may use your DKIM keys for sending emails.