DomainKeys
Identified Mail or DKIM is an anti-tamper protocol that ensures the
security of your emails. DKIM protocol uses digital signatures to
confirm whether the email was sent by an authentic sender.
The first DKIM action occurs on the serverthat
sends a DKIM signed email, while the second takes place on the
recipient server that checks DKIM signatures on incoming emails. The
entire process is made possible by a pair of private and public keys.
The
private key is kept secret and safe either on your own server or with
your ESP. The public key, on the other hand, is added to the DNS records
of your domain to broadcast to the world and help verify your emails.
This is done by providing a digital signature for the email. Once the
receiver verifies that an email is signed with a valid DKIM signature,
it’s clear that the integrity of the email is preserved.
Now that you have a brief idea of DKIM, let’s learn how to implement the same.
DKIM configuration has three simple yet major steps.
Generate a public domain key for the concerned domain.
After
you have decided the list of domains that you want to implement DKIM
for, create a public key for the concerned domain. A selector name will
have to be specified for your key pairs. It acts like a map for the
receiving email server.
2. Add the public key to the DNS entries for that domain.
This
key can be used by email servers to validate DKIM signatures in your
messages. After you have created the keys, you will need to add the pair
of keys to your DNS for the selected domains. It will be a TXT record
with some value.
Sign in to your DNS management console.
Locate the page where you update DNS records.
Add a TXT record:
In the first field, enter the DNS Host name.
In the second field, TXT record value.
Save your changes.
These changes will take a day or two to reflect.
3. To begin applying a DKIM signature to all outgoing messages, enable DKIM signing.
After
completing steps 1 and 2, enable DKIM signing by checking the box
available on your DNS on all outbound emails for your domain. You can
also test your DKIM set up by sending a test email or using EmailAuth’s free DKIM record lookup tool.
You have successfully configured DKIM for your domain. To learn more about DMARC, DKIM, and SPF, log on to https://emailauth.io/.