Set Up DKIM and Domain Key

Mail signing protocols, such as DomainKeys and DKIM signing, verify the authenticity of a message and can be used to protect users from phishing schemes or spam attacks.

This article applies to recent versions of SmarterMail. View articles for SmarterMail 15.x and earlier.

Signing messages with DomainKeys has been removed as that signing method has become obsolete. Follow these steps to set up DKIM: 

  1. Log into SmarterMail as the Domain Administrator.
  2. Click the Settings icon.
  3. Expand the Domain Settings and Advanced Settings folders in the navigation pane.
  4. Click Mail Signing. The mail signing settings will load in the content pane.
  5. On the Options tab, select the Enabled DKIM Signing checkbox. 
  6. Click the Certificate tab.
  7. In the Selector field, enter a unique name. (It is recommended the key is changed once every 12 months.) Adjust the Key Size accordingly, keeping in mind the larger the key, the stronger it is.
  8. Click Generate Key in the content pane toolbar. 
  9. The TXT Record Name and TXT Record Value fields will populate. Set up the TXT Record in DNS using this name and value.
  10. Optional: On the DKIM Signing tab, adjust the settings regarding how closely the system should monitor messages in transit.

 

Applies to SmarterMail 8.x - 14.x

Follow these steps to set up DKIM/DomainKeys:

  1. Log into SmarterMail as the Domain Administrator.
  2. Click the Settings icon.
  3. Expand the Domain Settings and Advanced Settings folders in the navigation pane.
  4. Click Mail Signing.
  5. Click the Options tab and select the Enable DKIM Signing checkbox for DKIM or Enable Domain Key check box.
  6. Click the Certificate tab. In the Selector field, enter a unique name.
  7. Click Generate Key in the content pane toolbar.
  8. The TXT Record Name and TXT Record Value fields will populate. Set up the TXT Record in DNS using this name and value.  
 
Learn more about SmarterMail's enterprise email features and benefits.

Feedback

Add Feedback
I'm using 13.1 and I can't find where to setup DKIM. I'm clicking on Settings and do not see a Domain Settings anywhere.
Shawn Jackson (February 7, 2015 at 6:35 PM)
Hi Shawn! If you don't see the Domain Settings folder in your settings it means that you are not logged in as the Domain Administrator. Do you manage SmarterMail on your own server or do you get your email account as a hosted service? If you don't have the Domain Administrator login, then you're likely being hosted by another company and would need to contact them to complete these steps.
Andrea Rogers (February 9, 2015 at 8:34 AM)
I have my own WIndows 2008 server with SmarterMail Professional Edition Version 13.1.5451 and dozens of sites and had the same problem as Shawn and even reading above it took me a few minutes to twig that the System Administrator is not the same as the Domain Administrator. Create a Domain administrator for the required domain or log in as that and wallah a new set of menu items.

More info.

I am setting up my own server etc with Smartermail. I have found this blog although quite old to be really useful - http://www.interactivewebs.com/blog/index.php/e-mail-tips/smartermail-setup-anti-spam-tools-and-tips/

To get the DKIM to pass the DNS tests I have set up the DNS as (exclude quotes in entries) -
Public Key Record DNS Entry 1
Record Name - "adopt1234._domainkey" (where adopt1234 is made up by you on the generate page, note the removal of the generated domain name)
Record Type - "TXT"
Record Data - "p= xxxxxxxx" (1024 character generated key)

Policy Record DNS Entry 2 (which is not generated)
Record Name - "_domainkey.sheep.com" (where sheep.com is your domain name)
Record Type - "TXT"
Record Data - "0=-" (indicates that all emails from the domain are signed no exceptions)

Oh and remember to save the generate Public keys on the Smartermail page. This passes both Smartermail and external DNS DKIM tests. Will know more when I test fully.

kenny.middleton (February 13, 2015 at 5:12 PM)
I need to have array of servers for the same domain. And don't want to have new public key in DNS for every new server.
As I understand I need to use the same private key on all servers. How do I export private key from SmarterMail and install it on another server?

Pavel Kovalenko (October 13, 2016 at 9:21 AM)

Add Feedback