Generating and Validating DKIM could be a difficult task sometimes. Therefore, in order to make this task easier there are several tools available online. If you are email marketer then needless to say DKIM plays very important role in email delivery. Whether you are using postfix or powerMTA, you must have valid DKIM entries in DNS records.
DKIM stands for Domain Key Identified Mail. It helps ISP to establish identity of sender. It could be 1024 bits or 2048 bits. Now a days 2048 bits is more preferable. DKIM composed of 3 parts.
- Private Key
- Public Key
Private key is kept safe on server and used to sign email before sending out. Public key is entered into DNS records, which is used by ISP to validate private key sent along email. Sometimes, you might need more than one DKIM key or you might want to sign transactional emails and promotional emails to be signed with different key. In simple words, selector ensures different DKIM doesn’t mix up and they could be authenticated by ISP.
Let’s discuss some of the tools available online first, then we will discuss steps to troubleshoot DKIM issues.
1. Sparkpost DKIM Generator
Sparkpost as we know, developer of powerMTA, has create very user friendly interface to generate DKIM. Just fill in the details and it will generate DKIM with instructions.
Copy the DKIM private key to your server and public key to DNS records.
You can also validate DKIM key, after configuration, by sending them to their one of the email address.
DKIMCORE is another popular tool for DKIM generation. It just asks you for domain name.
In DKIMCORE you will not be able to enter DKIM selector of your own choice. It will automatically generate for you.
3. Command line
If you don’t like going to online tools, there’s simple way to generate DKIM key on Linux using opendkim command.
Just execute the following commands
openssl genrsa -out private.key 2048 openssl rsa -in private.key -pubout -out public.key
Now you can list generated keys using ls command and cat command to display the key public key, so that you can copy it to the DNS.
ls cat public.key
If you like to know the location of private key, you can use pwd which stands for the present working directory. In the above screenshot, my working directory is /root and therefore private key location is /root/private.key
Note here, I haven’t used any selector. Therefore, I can create any name form selector.
Creating the DNS record
Creating DNS records is simple. Login to your domain registrar and look for Advanced DNS in namecheap and manage DNS in Godaddy. Similar, option would be available in other domain registrars. There you would find option to create TXT record. Create one and fill the details as follows:
In above screenshot in place of Host type
Replace selector with your choice.
Then in the Value enter the public key like
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyLHWXYdMiSdg83MmBPA
At some places, you might to put double quotes in Value field, so be careful about that.
Validation of DKIM keys
After you have completed above steps, it’s time to validate the DKIM keys. There are several email marketing tools which are available online to validate keys.
1. MXToolBox DKIM Validator
MXTOOLBOX is favorite tool of email marketer. It provides several tools like DKIM validator, SPF checker, IP blacklist checker and so on. Go to MXTOOLBOX and fill the domain name and selector.
After you run DKIM Lookup, you will get nice green ribbon if DKIM passes or red ribbon indicating DKIM issues.
DKIMCORE is also let you validate your DKIM keys in simple steps. Just fill in the details and you are good to go.
These simple tools could easily generate and validate and DKIM keys without any hassle. DKIM key is very important to ensure inbox delivery, therefore it’s sender duty is to use right DKIM key and format.
Read: How to install Mailwizz