Roughly, this is how DKIM works. Someone like PayPal shoots you an email with an embedded digital signature that you can't even see. Your ISP's mail server verifies the signature against the source. If it matches, you get the email. If it doesn't, goodbye. The digital signatures use something called public key cryptography, which is considered all but inpenetrable.
Let's hope it works. In the meantime, I've amended a little poem about spam (that also doubles as a homage to my hero, Dr. Seuss) that I wrote awhile back.
I do not like you Spam-I-Am.
I would not read you in a meeting or at my desk.
I would not read you no matter how slick your request.
I would not read you on my laptop or phone.
I would not read you, period. So, leave me alone!
I will not click upon your links.
or open your files, because they stink!
I do not like you Spam-I-Am!
I do not like your phishing scams.
I will not send you info about me,
go away, go away and let me be!
I will not fall for your bogus subject lines,
I hope the cops find you and give you fines.
I really, really don't like you Spam-I-Am.
You tie up my inbox and make things jam.
Perhaps this new standard will make you flee,
I'll just have to watch and wait and see.