User Tools

Site Tools


how_to:signing_outgoing_mail_with_dkim

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
how_to:signing_outgoing_mail_with_dkim [2020/07/16 18:58] paulhow_to:signing_outgoing_mail_with_dkim [2020/07/22 10:32] (current) paul
Line 7: Line 7:
 To be able to do this yourself, you need to have access to the DNS server for your domain. This might be your own DNS server, or one provided by your domain registry.  To be able to do this yourself, you need to have access to the DNS server for your domain. This might be your own DNS server, or one provided by your domain registry. 
  
-Now you need to generate a public key to put into a TXT record for your domainTo do this, search for a DKIM key generator, like [[http://dkimcore.org]], and enter the domain you want to put DKIM onto. This will generate a public key and a private key, and also a selector. The selector generated by dkimcore.org will look something like **<number>.<domain name>**, but you can actually use any selector name you wish.+Now you need to generate a public key / private key pair to sign & verify your messagesThere is a DKIM generator on our website at [[https://www.pscs.co.uk/tools/dkim]]. For the selector name use one or more valid DNS name parts. You should not re-use selector names. For simplicitywe suggest using 's1' the first time you generate a certificate, then 's2' the second time, and so on.
  
-On the DNS server, create a new TXT record, with a host name of the <selector>._domainkey.<domain name> - for instance **1532654.example._domainkey.example.com**. Copy the public key from the key generator, and paste it into the TXT record's data. Remember to remove the speech marks and any spaces in the key. Apply the changes on the DNS server.+On the DNS server, create a new TXT record, with a host name of the <selector>._domainkey.<domain name> - for instance **s1._domainkey.example.com**. Copy the public key from the key generator, and paste it into the TXT record's data. Apply the changes on the DNS server.
  
-Now you need to sort out the private key. Copy the private key (including the BEGIN/END lines) and paste it into a text editor, like notepad. This document needs to be saved into the VPOP3 directory, as a file called **domainkey_<domain name>_<selector>.key** (e.g. **domainkey_example.com_1532654.example.key**). +Now you need to sort out the private key. Copy the private key (including the BEGIN/END lines) and paste it into a text editor, like notepad. This document needs to be saved into the VPOP3 directory, as a file called **domainkey_<domain name>_<selector>.key** (e.g. **domainkey_example.com_s1.key**). 
  
 Now go onto VPOP3 and click the **Services** tab, and **SMTP Server**, then click the **spam reduction** tab. Once there, change the **DKIM Signing** box to **All Local Senders**, and add the selector to the **DKIM Selector** box. Then click Submit. Now go onto VPOP3 and click the **Services** tab, and **SMTP Server**, then click the **spam reduction** tab. Once there, change the **DKIM Signing** box to **All Local Senders**, and add the selector to the **DKIM Selector** box. Then click Submit.
how_to/signing_outgoing_mail_with_dkim.1594925882.txt.gz · Last modified: 2020/07/16 18:58 by paul