About DKIM | Atomic SMTP Knowledgebase

    What is DKIM?

    DomainKeys Identified Mail (DKIM) technology enables businesses to certify an e-mail message. Technically speaking, this is a way to confirm the sender's domain with a cryptographic signature. You can learn more about DKIM at Wikipedia.

    Will DKIM improve email delivery?

    This depends on the servers that check message validation. If a message is signed using a DKIM signature, the recipient can use available data about the company that signed the message to determine the appropriate action to take with regard to that particular email. If the signer has a good reputation, their messages will be subjected to less rigorous filtering.

     

    Configuration Instructions

    DKIM signatures for the domain are generated and provided by the SMTP provider.

    Each signature usually have the following attributes:

    • Signing Algorithm: RSA-SHA256
    • Key Size: 1024
    • Selector: UE(YEAR)(MONTH)

    After the DKIM signature has been created, the client will receive a text file containing a Public Key Record. The client must specify the DNS entries with two (2) TXT records: Policy Record and Public Key Record.

    Example records:

    1. _domainkey.(your domain). IN TXT "o=~; r=postmaster@(your domain)"
    2. (selector)._domainkey.(your domain). IN TXT "v=DKIM1; p=MIGfMA0GCSqGSIb4DQ(.....)z2nJSPOxvGGznkcY25w5lIYpxpVwZ/IwIDAQAB;"

     

    DKIM Policy Record:

    Any dDomain that uses DomainKeys must contain a Policy Record. This is a DNS TXT- record consists consisting of name "_domainkey" and then your domain name – for example "_domainkey.your domain." The TXT -record must contain a policy whichthat can be "o=-" or "o=~".

    o=-
    Means "every email message from this domain is signed"

    o=~
    Means "only some email messages from this domain are signed"