Email marketing How to setup a DKIM signature

Underground Forum

Underground Forum

  • #1

What is a DKIM signature?​

The DKIM signature is used to authenticate the sender's email address.

DKIM key generation​

First of all, you need to generate a pair of DKIM keys, public and private.

Public key example:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEb2NV4mpKZ+69sUEXP6eOLS3O
RikUUTonDJmO/nMt7h+qY0W96o9Lwz4fJzdRlh1r74pGAvsR98RUUqdkTY6S8xjV
bGDccLflyIsJjrjSuK70HDnYLrE7uk9LcEAM8amSVCW8vv6Sq35bB7Vm8h9HS8JK
8aPqY68MujjD96lEUQIDAQAB
-----END PUBLIC KEY-----

Private key example:
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCEb2NV4mpKZ+69sUEXP6eOLS3ORikUUTonDJmO/nMt7h+qY0W9
6o9Lwz4fJzdRlh1r74pGAvsR98RUUqdkTY6S8xjVbGDccLflyIsJjrjSuK70HDnY
LrE7uk9LcEAM8amSVCW8vv6Sq35bB7Vm8h9HS8JK8aPqY68MujjD96lEUQIDAQAB
AoGAMSznNsnW7AABr2A1KjvRrMJr4s88i7XJoRxVnLow7JoiGfO4vtdtFBXQaGL4
cIwMKrsMngiXT8mvlhwG2gDOcoR/8l6GR5hOTAEvWnYlEy5YE6SID8lie/eZFFBD
OaiWzB86rsyw7XyOGjXtZ3+BMcS+b2LDZqO/SUl5+qhhFgECQQD9+bOsiF1GvlYZ
hlrubudNrbA5A0AlVgrh59NCoCgTUvxm0lpH8CUQqldIVMt2o3vmguSbjOPtrsZm
DpPzv7TxAkEAhX2nY2lik0+e5pnuPqtsqQGPVFCl7bUO2ClnRO5Mky4GNHPLwQuQ
nBWZA1mbcPTak4WxHqG0Mb/MX/nLgU0FYQJBAKzghZ8Ri3yWHwFs5QSb1TKY4fVM
8yL2+J1hMfqODflpaYmL8gw5uOEpMhR4M67kBXiY7Ie9VYD6kO3zSl6GxeECQBmR
pONEx03iHVScPWchnLGOi+6hd/bdDFfZLl+kqWQzl5qqZ2e1mGBdPq7GliB/tfI1
1GRCouo4i6QCi7lbkGECQE3f19s0/Wu3dbhMbdsDRTPP3VuTCVo1qfDpR9hg8OVn
R5u3hIece9fFe8X9fnRsSJgIwW3fRg8Ezf4vzAJoHKE=
-----END RSA PRIVATE KEY-----

Generation via OpenSSL​

# Open a terminal and enter the command:​
openssl
# Generate a private, 1024 bit DKIM key:​
genrsa -out rsa_private_key.pem 1024
# Generate a public DKIM key:​
rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem

Generation via OpenDKIM​

# Open a terminal and enter the command:​
opendkim-genkey -d domain.com -s mail
domain.com - your domain​
mail - selector​

Generation via DKIM Wizard​

Go to
Please, Login or Register to view URLs content!
, enter your domain name, select the DKIM key size in bits (1024 and 2048), selector and click "Create Keys".​
Do not use "key1" as a DKIM selector.​


Install DKIM key​

Depending on the MTA used, place the private key file in the required directory of your sending server, and the public key on the DNS side as a TXT record.

Path to private key in EXIM:
-/etc/exim4/dkim/

In PowerMTA:
-/etc/pmta/

Example of DNS record:
dkim7._domainkey.domain.com.
selector.domainkey.domainname
TXT (text record)v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCF3LpS+qlsaaYK4VE6I8apSXNMSM/Ef1BEE1XOvNyQkabx3kG24TVs3rr1+vZXukBoZ4C4tMFTJk0Kq3xoY1s6dvkoMrb52dktaJa4/M2Pk GwijZPgaNenvdXb9JHa7By6oos2K2tZbLgbKnnsnFJK6bophO9IsJzMbs/Oaw2q1wIDAQAB
Public DKIM key
 
Top