User Tools

Site Tools


how_to:signing_outgoing_mail_with_dkim

Signing outgoing mail with DKIM

DKIM, also known as DomainKeys Identified Mail, is a form of email authentication that digitally signs emails to prove that they were sent from authorized domains and aren't fake emails. Companies like Google and Yahoo use DKIM to sign their emails and it is becoming ever more popular.

VPOP3 v6.15 and later support DKIM encryption.

To be able to do this yourself, you need to have access to the DNS server for your domain. This might be your own DNS server, or one provided by your domain registry.

Now you need to generate a public key to put into a TXT record for your domain. To do this, search for a DKIM key generator, like http://dkimcore.org, and enter the domain you want to put DKIM onto. This will generate a public key and a private key, and also a selector. The selector will look something like <number>.<domain name>.

On the DNS server, create a new TXT record, with a host name of the <selector>._domainkey.<domain name> - for instance 1532654.example._domainkey.example.com. Copy the public key from the key generator, and paste it into the TXT record's data. Remember to remove the speech marks and any spaces in the key. Apply the changes on the DNS server.

Now you need to sort out the private key. Copy the private key (including the BEGIN/END lines) and paste it into a text editor, like notepad. This document needs to be saved into the VPOP3 directory, as a file called domainkey_<domain name>_<selector>.key (e.g. domainkey_example.com_1532654.example.key).

Now go onto VPOP3 and click the Services tab, and SMTP Server, then click the spam reduction tab. Once there, change the DKIM Signing box to All Local Senders, and add the selector to the DKIM Selector box. Then click Submit.

Now, when you send a message through your VPOP3 server from the appropriate domain, VPOP3 will generate a DKIM signature for the message.

If you can send mail from several different domains, just have several different domainkey_…..key files in the VPOP3 directory and VPOP3 will choose between them as appropriate. If there isn't a domainkey_…..key file for a particular sender, then VPOP3 will not generate a DKIM signature for that message.

how_to/signing_outgoing_mail_with_dkim.txt · Last modified: 2018/11/14 10:45 (external edit)