DomainKeys Identified Mail
DKIM lets a sending mail server sign outgoing messages with a private key, with the public key published in DNS. Receiving servers verify the signature to confirm the message really came from that domain and was not modified in transit. It is one of the three pillars of email authentication alongside SPF and DMARC.