1
Abount DKIM and DOMAIN KEY
Question asked by Manuel - June 18, 2015 at 8:20 AM
Answered
Hello,
actually I don't use DKIM and DOMAIN KEY, but only SPF.
 
I want to utilize all three but I have somehow doubt.
 
I have SmarterMail Enterprise for incoming e-mail.
For outgoing e-mail to internet, e-mail is delivered by same SmarterMail server if e-mail is send from webmail or e-mail client.
If e-mail is send from my customer website, I use another server, with SmarterMail free, for delivery to internet, and I not pass from SmarterMail server.
 
If I implement DKIM and DOMAIN KEY, only e-mail passed from main SmarterMail server use this.
 
I would not use the main SmarterMail server also for emails to be sent from websites to the Internet, because I think to overload it, but if there is no other way I will be forced.
 
As you advise me to do?
 
 
Tnx
Manuel

2 Replies

Reply to Thread
0
Bruce Barnes Replied
June 18, 2015 at 8:58 AM
Questions about proper e-mail server configuration, with those settings being properly configured to ensure e-mail delivery, is a very difficult question and is, largely, being driven by YAHOO! and OUTLOOK.COM (which now hosts all of outlook.com, private domains which are hosted in the outlook cloud, and all of the HOTMAIL.com e-mail services).
 
The changes driven by YAHOO! and OUTLOOK.COM, along with GMAIL, COMCAST, and several other large providers (I am deliberately not including AOL in here because they are totally fubared at this point), have completely changed the game and mean that e-mail is no longer an add-on for hosted services, but something which must be monitored and continuously fine-tuned to keep it working.
 
Take a look at my document, "Why Am I Having Problems Getting My E-Mail Delivered?" it may give you some of the information you are looking for.
 
Remember, if you host more than one domain on your mail server, you must implement the procedures outlined in the document for EVERY ONE of the hosted domains.
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
2
Scarab Replied
June 18, 2015 at 9:32 AM
Manuel,
 
DKIM can be tedious to setup initially if you have a lot of domains, but it is fairly easy to implement with SmarterMail, assuming you have access to DNS for all of your domains. Although it was once entirely optional, it is becoming more and more mandatory to ensure that email is delivered successfully.
 
It's not unusual to have some email not be signed with DKIM. In such a case where some emails come from an external provider (such as QuickBooks, Constant Contact, MailChimp, etc.) or from a web-server that doesn't deliver through your SmarterMail server, you would align your DNS keys as follows:
 
_domainKey    IN    TXT    "o=~;" (this means some of the messages from this domain are signed, but not all)
_adsp._domainKey    IN    TXT    "dkim=unknown;" (this means that not all messages from this domain are signed)
 
These would be in addition to your selectorname._domainKey TXT Record that has the actual public key for that domain that you generated within SmarterMail.
 

Reply to Thread