- Create Dkim Keys
- Generate Dkim Key Pair
- Generate Dkim Key Ubuntu
- Generate Dkim Key Office 365
- Check Dkim Record
- Generate Dkim Key Puttygen
Create DKIM Key Pair with PuTTYGen. By: Arash Dalir. Tagged: dkim, mail-server, puttygen. Tl;dr: The main reason this how-to is written is the way PuTTYGen saves the keys! They need to be stored as openssh keys and not as as ssh keys, which is the default mode when using the save private public key buttons. A selector is arbitrary string appended to the domain name, to help identify the DKIM public key. It is part of the DKIM signature, and is inserted into the DKIM-Signature header field. During the validation process, the selector adds an additional name component, allowing for differential DNS query names. Generate a DKIM key for your domain Use the DomainKeys Identified Mail (DKIM) standard to help prevent spoofing on outgoing messages sent from your domain. Email spoofing is when email content is changed to make the message appear from someone or somewhere other than the actual source. Click + Add Row to create a new record and add your DKIM key. This is the public key that will be used to decode the email's associated digital signature. Once you've added both records, click on Save Changes. Allow up to 24 hours for propagation, after which time DKIM should be enabled for the domain. Generate new DKIM key for new mail domain. If you or your customer prefer to use their own DKIM key, you can generate a new DKIM key and ask your customer to add DKIM DNS record. Refer to our tutorial to add DKIM DNS record. Generate new DKIM key (key length 1024) for new domain, and set correct file owner and permission.
This article shows you how to add Domain Keys Identified Mail (DKIM) TXT records to your domain. DKIM is a method for fighting spam that works by associating outgoing email with a domain via a digital signature. The sending mail server attaches a 'signature' to an email that has been encoded with a private key. If the receiving mail server is configured to check for DKIM, it will use a corresponding public key (the TXT record) to decode the signature and verify its authenticity. Because DKIM enabled email is less likely to be spam, recipient mail servers are less likely to filter the email. This can improve email deliverability.
This article is only for adding an existing DKIM record that you already have the info for.
Important Note: DKIM is reputation based. Over time, using DKIM can raise the reputation of associated addresses and subsequently improve deliverability. However, addresses that send high volumes of low quality content that is regularly flagged by recipients may still be targeted by spam filters.
READ ME FIRST
This article is provided as a courtesy. Installing, configuring, and troubleshooting custom DNS settings is not supported by Media Temple. Please take a moment to review our Statement of Support.
Your domain must be using Media Temple nameservers:
For information on how to confirm this for your domain, see this article: Performing a WHOIS search.
Adding DKIM TXT records to your Media Temple zone file
Grid mail does not support DKIM. In order to use DKIM with a domain hosted on the Grid, your email must be managed elsewhere. If you’d like an additional layer of email verification for your Media Temple hosted email, you may want to check out this article for creating and adding an SPF record:
How can I create an SPF record for my domain?
1. Log into your Account Center and click on the domain that you'd like to add the DKIM TXT records to. Alternatively, hover over the domains tab at the top of the Account Center and click on Show All. Select the relevant domain from the list.
2. Click the Edit DNS Zone File option under the DNS & ZONE FILES menu.
4. Click + Add Row to create a new record. This record will tell the mail server that all email messages associated with this domain use DKIM.
- Subdomain (Name): _domainkey
- Type: TXT
- Data: o=-
5. Click + Add Row to create a new record and add your DKIM key. This is the public key that will be used to decode the email's associated digital signature. Once you've added both records, click on Save Changes. Allow up to 24 hours for propagation, after which time DKIM should be enabled for the domain.
- Subdomain (Name): default._domainkey
- Type: TXT
- Data: Your DKIM key.
If your DKIM key in the Data field exceeds 255 characters and you do not break it up with quotes, you will receive the following error:
This is likely because your key is 2048 bits instead of 1024.
In order to add a record that exceeds 255 characters, you must break the record up with quotes (') and add both strings to the TXT field.
Sample 2048 bit key that exceeds 255 characters:
In order to enter the above key into the TXT field, divide it into multiple strings using quotation marks:
Create Dkim Keys
Now add both strings to the same data field for the TXT record. Be sure to include a space between the strings.
5. Click Save to commit the changes.
Instructions for Plesk
Plesk has a built-in way to toggle DKIM on and off. However, enabling DKIM for outgoing email requires that you get the associated TXT record from Plesk and add it to your Media Temple zone file. All required steps are included in the article.
1. Log into your Plesk admin panel and click on Tools & Settings.
2. Click on Mail Server Settings under Mail
3. Scroll down to the DKIM section and check the boxes to enable.
4. Scroll to the bottom and click on OK. You will then be transported back to the Tools & Settings menu where you'll receive a confirmation that your Mail settings have been updated. This has enabled DKIM for the server.
Generate Dkim Key Pair
5. The next step is to enable DKIM for individual domains, which will create the associated TXT records in your Plesk zone file. Click on Websites & Domains to list your domains.
- Alternatively, if you're using Plesk's service provider view, you will click on Domains and then select the relevant domain from the list.
6. Click on Mail Settings for the domain that you'd like to enable DKIM protection on.
7. Scroll down and check the Use DKIM... box and click apply.
8. Enabling DKIM protection for the domain created the required TXT records in the domain's Plesk DNS zone file. In order for DKIM to work properly, these records will have to be added to your Media Temple zone file. Navigate back to the domain's settings and click on DNS Settings.
Generate Dkim Key Ubuntu
9. Scroll down until you see a TXT record that begins with 'v=DKIM1;' followed by a long string of characters. This is the DKIM TXT record that needs to be added to your Media Temple zone file. Copy the entire record. If you need help creating this record in your Media Temple zone file, use the instructions at the beginning of the article. Once you've saved the record, allow up to 24 hours for propagation, after which time DKIM should be enabled for the domain.
Instructions for cPanel
As of cPanel & WHM version 62, cPanel provisions SPF and DKIM for new accounts by default. However, the system does not automatically provision these DNS records for existing accounts. You can enable DKIM for all accounts simultaneously via WHM, or for individual domains via cPanel.
It is also very important to note that enabling DKIM for outgoing email requires that you get the associated TXT record from cPanel and add it to your Media Temple zone file. All required steps are included in the article.
Enabling DKIM/SPF Globally
Generate Dkim Key Office 365
1. Log into WHM and enter DKIM into the search field. Click on Enable DKIM/SPF Globally
Check Dkim Record
2. Click Proceed.
3. In order to complete the process and enable DKIM/SPF to work properly for outgoing messages, you must add the DKIM and SPF records to your Media Temple zone file. To quickly navigate to your zone files, type 'Edit DNS' into the top left search field.
4. Select a domain. You must copy the associated DKIM and SPF record for each of your domains and add them to your Media Temple zone file. Open each of your zone files and scroll down until you see the DKIM and SPF TXT records that WHM created. The DKIM TXT record will begin with 'v=DKIM1;' and the SPF TXT record will begin with 'v=spf1'.
5. The records are domain specific and will have to be added to the proper zone file for each domain. For instructions on how to add these text records, scroll to the top of the article.