DKIM stands for DomainKeys Identified Mail. It’s a security standard that ensures authenticity of messages, meaning that messages are not altered in transit.
The sending email server signs the messages with a private key and receiving mail servers use public key to verify a message’s signature. Public key needs to be added on DNS records of sender’s domain.
Create Dkim record on Zimbra server as Zimbra user (su zimbra)
/opt/zimbra/libexec/zmdkimkeyutil -a -d yourdomain.com
You can view the domain DKIM key and other stored DKIM information for the domain with the command:
/opt/zimbra/libexec/zmdkimkeyutil -q -d yourdomain.com
Copy DKIM key to your domain DNS records. In the example below, we are managing DNS through Cloudflare. Pay attention to the cut & paste key as you need to remove ” marks and make sure there are no spaces on the key.
Test DKIM record https://dkimcore.org/tools/keycheck.html
Using DKIM together with DMARC (and SPF) your domain is protected against altering while in transit as well as against malicious emails sent on behalf of your domains
For more information, please check Zimbra wiki.