Set Up Email Signing with DKIM

This article applies to recent versions of SmarterMail. View articles for SmarterMail 15.x and earlier.

Mail signing protocols, like DKIM Signing, verify the authenticity of a message and can be used to protect users from phishing schemes or spam attacks. For example, DKIM signing uses cryptography to verify the authenticity of a message, ensuring the message came from your server and was not changed in transit.

Follow these steps to set up DKIM Signing for your domain: 

  1. Log into SmarterMail as a Domain Administrator.
  2. Click on the Domain Settings icon.
  3. Click on General in the left menu.
  4. On the Email Signing card, click Enable. SmarterMail will display a unique Text Record Name and Text Record Value.
  5. Add the TXT record to your DNS server using the provided name and value, or contact your DNS provider to handle this for you. 
  6. After the TXT record has been added and propagated to DNS, click on the Enable button once again. SmarterMail will attempt to verify the DNS settings and DKIM Signing will be enabled.
  7. To adjust the mail signing settings, click the Settings button. Note that in most cases, these settings should not need to be altered. However, if you are familiar with DKIM processing and would like to specify how closely you want the system to monitor messages in transit, the Body Canonicalization, Header Canonicalization, Header Field to Use and Header Fields can be adjusted. More information on these settings can be found at
Learn more about SmarterMail's enterprise email features and benefits.


I have my own WIndows 2008 server with SmarterMail Professional Edition Version 13.1.5451 and dozens of sites and had the same problem as Shawn and even reading above it took me a few minutes to twig that the System Administrator is not the same as the Domain Administrator. Create a Domain administrator for the required domain or log in as that and wallah a new set of menu items.

More info.

I am setting up my own server etc with Smartermail. I have found this blog although quite old to be really useful -

To get the DKIM to pass the DNS tests I have set up the DNS as (exclude quotes in entries) -
Public Key Record DNS Entry 1
Record Name - "adopt1234._domainkey" (where adopt1234 is made up by you on the generate page, note the removal of the generated domain name)
Record Type - "TXT"
Record Data - "p= xxxxxxxx" (1024 character generated key)

Policy Record DNS Entry 2 (which is not generated)
Record Name - "" (where is your domain name)
Record Type - "TXT"
Record Data - "0=-" (indicates that all emails from the domain are signed no exceptions)

Oh and remember to save the generate Public keys on the Smartermail page. This passes both Smartermail and external DNS DKIM tests. Will know more when I test fully.

kenny.middleton (2/13/2015 at 5:12 PM)