Proton Technologies AG has announced that ProtonMail now has support for DKIM key management but that it’s in a beta phase at the moment. With the ability to rotate DKIM keys, it’s now more difficult for hackers and spammers to impersonate ProtonMail users that leverage custom domain email addresses.
DKIM is short for DomainKeys Identified Mail, it is a form of email authentication that allows recipients to detect whether an email is using a forged sender address. Using public-key cryptography, recipients will be able to see if the sender’s private key matches up with the public key that the recipient has saved for that contact.
In its announcement, ProtonMail cited security experts who recommend that you generate a new DKIM public key every six months to prevent your address from being spoofed or any time that you fear your key may have already been compromised.
Full instructions for the feature can be found in the ProtonMail Support pages. In short, whenever you generate a new key you’ll receive it as a TXT record. You’ll need to copy the details of the new key into your DNS before ProtonMail recognises it and switches it to become your active key.