It is the most advanced protocol and is widely used by Google’s mail service. It allows the sender to sign their email by using digital signature in the header. Learn more about DKIM
Here, a public key (provided by mail server) is entered in the DNS settings. Now, when an email is sent, it uses an encrypted private key which is decrypted by the receiving server by matching it with the public key present in DNS. This checks the authenticity of sender as well as the message content. Thus preventing the spammer to steal the identity of senders and prove that the email is exclusive to a particular domain as well as the integrity of message is compromised.
Internet service providers such as Gmail, Microsoft, yahoo, AOL use either of these or a combination of above methodologies to protect their users. We would suggest you to follow all authentication method for the maximum protection of your domain.
It is an email authentication system of public/private key to verify the origin of an email through DNS and is designed to validate the email sender as well as check the integrity of the message. The mail server (zcsend.net) inserts a special header into the outgoing email signed with an encrypted code which is decrypted by the receiving mail server using the public key contained in the DNS text record. Although, it has become outdated but there are major email client such as Yahoo which is still using this protocol. Learn more about Domain Key