domain-keys-identified-mail

Generating and Validating DKIM could be a difficult task sometimes. Therefore, in order to make this task easier there are several tools available online. If you are email marketer then needless to say DKIM plays very important role in email delivery. Whether you are using postfix or powerMTA, you must have valid DKIM entries in DNS records.

About DKIM

DKIM stands for Domain Key Identified Mail. It helps ISP to establish identity of sender. It could be 1024 bits or 2048 bits. Now a days 2048 bits is more preferable. DKIM composed of 3 parts.

  • Private Key
  • Public Key
  • Selector

Private key is kept safe on server and used to sign email before sending out. Public key is entered into DNS records, which is used by ISP to validate private key sent along email. Sometimes, you might need more than one DKIM key or you might want to sign transactional emails and promotional emails to be signed with different key. In simple words, selector ensures different DKIM doesn’t mix up and they could be authenticated by ISP.

Let’s discuss some of the tools available online first, then we will discuss steps to troubleshoot DKIM issues.

1. Sparkpost DKIM Generator

Sparkpost as we know, developer of powerMTA, has create very user friendly interface to generate DKIM. Just fill in the details and it will generate DKIM with instructions.

generate-dkim-key

Copy the DKIM private key to your server and public key to DNS records.

validate-dkim-key

You can also validate DKIM key, after configuration, by sending them to their one of the email address.

sparkpost-dkim-key

2. DKIMCORE

DKIMCORE is another popular tool for DKIM generation. It just asks you for domain name.

In DKIMCORE you will not be able to enter DKIM selector of your own choice. It will automatically generate for you.

generate-DKIM-Key-in-dkimcore

3. Command line

If you don’t like going to online tools, there’s simple way to generate DKIM key on Linux using opendkim command.

Just execute the following commands

openssl genrsa -out private.key 2048
openssl rsa -in private.key -pubout -out public.key
opendkim

Now you can list generated keys using ls command and cat command to display the key public key, so that you can copy it to the DNS.

ls
cat public.key
generating-dkim-key-opendkim

If you like to know the location of private key, you can use pwd which stands for the present working directory. In the above screenshot, my working directory is /root and therefore private key location is /root/private.key

Note here, I haven’t used any selector. Therefore, I can create any name form selector.

Creating the DNS record

Creating DNS records is simple. Login to your domain registrar and look for Advanced DNS in namecheap and manage DNS in Godaddy. Similar, option would be available in other domain registrars. There you would find option to create TXT record. Create one and fill the details as follows:

creating-dkim-record-in-namecheap

In above screenshot in place of Host type

selector._domainkey

Replace selector with your choice.

Then in the Value enter the public key like

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyLHWXYdMiSdg83MmBPA
lXjdMxVmPWb5qWetxu7RqzP59saNXRtL/3I6K1zFZY85bljAB7Xa1fjZ42hWESCN
VK99o9R5RBFV6R62LLOHpwxxaD6rsskWqI7PgD99OuS5VHHaaMrxn8anx110FIhX
vs4T7ghcu7NVkDSawJ2dZUTfo8vRj7igc3/ySGrB1SNstTEghv0RazSnq9l9q+qV
jp9NzTh4FnxjAijMsG7AoIY6XRWbS3BC87sk6880bPosrRkw1ubQt4bpfp2rfgSw
DbzTlPuDDrNArZ9p7pS8OURP4CEDNe2dkwMhoVrKGDJ9VM/gAHgCyfe317igFEaJ
wwIDAQAB

At some places, you might to put double quotes in Value field, so be careful about that.

Validation of DKIM keys

After you have completed above steps, it’s time to validate the DKIM keys. There are several email marketing tools which are available online to validate keys.

1. MXToolBox DKIM Validator

MXTOOLBOX is favorite tool of email marketer. It provides several tools like DKIM validator, SPF checker, IP blacklist checker and so on. Go to MXTOOLBOX and fill the domain name and selector.

mxtoolbox-dkim-checker

After you run DKIM Lookup, you will get nice green ribbon if DKIM passes or red ribbon indicating DKIM issues.

mxtoolbox-validation-result

2. DKIMCORE

DKIMCORE is also let you validate your DKIM keys in simple steps. Just fill in the details and you are good to go.

dkimcore-validator

Conclusion

These simple tools could easily generate and validate and DKIM keys without any hassle. DKIM key is very important to ensure inbox delivery, therefore it’s sender duty is to use right DKIM key and format.

Read: How to install Mailwizz

1 reply

Trackbacks & Pingbacks

  1. […] can create or more specifically generate DKIM in many ways. This has already been discussed […]

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *