How To Create a DKIM Record in SmarterMail

DKIM is an acronym for “DomainKeys Identified Mail”. It’s also known as “email signing”.  DKIM’s intent is to prove that the contents of an email message haven’t been tampered with, that the headers of the message have not changed (e.g., adding in a new “from” address) and that the sender of the email actually owns the domain that has the DKIM record attached to it. (Or is at least authorized by the owner of the domain to send emails on their behalf.)

As with other spam protections, such as SPF and DMARC, DKIM is a TXT record that’s added to a domain’s DNS. And if SPF is like a return address on a letter, DKIM is like sending that letter via Certified Mail as it further builds trust between the sending server and receiving server.

Setting up email signing and creating the fields necessary to add DKIM to a domain's DNS record is simple within SmarterMail.

  1. Log in as a Domain Administrator
  2. Click on the Domain Settings icon
  3. Navigate to the domain’s General settings
  4. Find the Email Signing card
  5. Click on the Settings button
  6. A modal window opens, like the one below. Here, all of the DKIM settings are displayed. SmarterMail defaults all of these to a set of general recommendations, but they can be adjusted as needed. A full explanation of these fields is available in the SmarterMail Help.
  7. Make any changes you want and save them. If no changes are made, simply click the Cancel button.
  8. Next, click the Enable button on the Email Signing card. Another modal window opens, but this one contains the text necessary for adding DKIM to the domain’s DNS. This window contains two important pieces of information: the “Text Record Name” used for the TXT record, and the”Text Record Value”. The “name” also contains the “DKIM selector”, which is the value that precedes “._domainkey.your-domain.com”. For example, “2B8U4DAB93D58YR”. The selector can be used to verify that your DKIM record is set up correctly. The value is also the public key that’s created by the SmarterMail server. Therefore, it’s the encrypted key that pairs to the private key that’s stored on the mail server. This is why it looks like a random series of characters.
  9. Now that you have the Name and Value for the TXT record, you will want to log in to your DNS provider and create the actual DNS record. How you do this depends on who your provider is. In addition, as this is a change to DNS, it may take a few hours for the record to propagate for the domain. Generally that propagation is pretty fast, but it could take 24 hours or more.
Validating Your DKIM Record
Once you've made the changes to your domain's DNS, it can take a few hours for those changes to take effect. To test whether you're set it up properly, you can doe a search for "DKIM record validation" or use a site such as MXToolbox. MXToolbox makes DKIM validation simple: you just need your domain name and the selector. Enter those into their form, and they'll let you know a) if the record can be found, and b) if it's valid.

Feedback

what if MXtoolbox says it's NOT valid? Smartermail is generating this for me, and ever online testing I've tried says it's invalid.
Stephen Smith (June 17 at 5:56 AM)
Stephen -- I'd suggest contacting our support team. They should be able to troubleshoot the issue for you. I just tested the DKIM record for smartertools.com and it passed. Make sure you use the format:

domain.com:domainKey

so, for example

smartertools.com:8D6C83AB9877A17

Derek Curtis (June 17 at 4:45 PM)
It's showing me the same issue, the key you generate doesn't supply a version, that's why it's failing. Any idea how to add this?
Version The DKIM record version. Missing from public DNS record

Anthony York (August 9 at 3:06 AM)
Anthony, if you manually add v=1; to your key you should be fine.
Derek Curtis (August 9 at 6:58 AM)
I copy the records exactly as they are in the DKIM mail administration on SmarterMail and add them to the DKIM DNS at WebHost4Life and it fails every time with "Invalid Host/Content or its empty."
Ronald Miller (August 26 at 9:19 AM)
Hi Ronald. When it comes to adding the DKIM record, each DNS provider may have a unique setup, so you'll need to add SmarterMail's text record based on the template offered by the provider. In an article I found online, it looks like WebHost4Life wants the Host and Content info to be pasted separately, so it's just a matter of how those fields accept the info SmarterMail provides. In this case, it may be best to contact WebHost4Life, giving them the info from SmarterMail, and asking them to offer guidelines on how it should be entered into their site. Here's the article I found on their site; it may be of some help: https://www.webhost4life.com/help/article/dns-management-how-to-add-a-dkim-record

Andrea Rogers (August 26 at 4:04 PM)