Introduction

DKIM stands for DomainKeys Identified Mail. DKIM creates a domain-level authentication framework for email by using private-key technology and DNS record to prove the source and content of a message.

You can find general information about DKIM at http://dkim.org and the DKIM FAQs at http://dkim.org/info/dkim-faq.html .

Deployment instructions

1. You need to allow the DKIM signing using the Icewarp Administration console/Global Settings/Domains/”Enable DKIM” option.

2. First you should specify the selector in the Icewarp Administration console/<domain>/DKIM/”Selector” field. It could be any string you want.

3. Use DKIM/”Generate Private Key” button to create private key. It will use the default certificate to generate it. The length 512 b is sufficient. It's needed to sign the messages.

4. Use DKIM/”Retrieve Selector” to populate DKIM/”Selector data” field. You will need this string for your DNS record.

5. The “Selector data” should be included in your DNS TXT record for: <Selector>._domainkey.<domain name>

You'll have to wait about one day until the DNS record spreads across the DNS server structure.

6. Now every server, which performs DKIM verification should be able to authenticate your signed emails. You can use our DKIM signature verificator available at:

dkim-test (at) dell.icewarp (dot) com

It should auto-reply with the successful DKIM test results.

Example

I want to setup DKIM signature for domain:

Icewarpdemo.com

First I randomly choose the selector:

rtfm

then I generate the private key and retrieve selector data, which should look like this (it's one line):

v=DKIM1; k=rsa; n=512; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAP99+bJXKbnc6zr8o3YCR2SIxayvbB5DK4 a0S9aCB5H20WWuSMFp9I3smdgqTeEFFu6pooNC4G1WMu2rTyS2Ei8CAwE

then I publish this into DNS TXT record for:

rtfm._domainkey.Icewarpdemo.com

I wait until it's on all DNS servers and that's it.