How to setup DKIM and DomainKeys with SmarterMail

Here’s how to setup DKIM and Domain Keys. First of all, download the DKeyEvent tool and install it.

Send an empty email to check-auth@verifier.port25.com

Now, the response will be a full detailed report with all kinds of technical information. Here I will just show the summary:


We now need to get our mail server setup to pass all of the 4 checks.

SPF Check and Sender-ID check.

You can read more about Sender Policy Framework here. To add the SPF validation is a simple case of adding a TXT record to your DNS setup. I use www.EveryDNS.com and my basic setup looked like this:

image

To pass the SPF and Sender-ID check you simply need to add a TXT record with content of : v=spf1 a ~all like so:

image


Setting up the DKIM records

Start the DKeyEvent program on your mail server and enter you domain/login info in the DKeyEvent SM tab.

DKeyEvent1

Switch to the DKIM section and enter a new domain and a selector name by clicking on the little plus sign at the bottom right corner.

DKeyEvent3

DKeyEvent2

Click Save Settings. Switch to the Domain tab, and select your domain and selector. Click on Generate.

DKeyEvent5

Select all the text in the bottom hand textbox and copy it to the clipboard.

Repeat the steps by doing the same in the DomainKeys

DKeyEvent6

Click Save Settings.

DKeyEvent7

The key should be the same as in the DKIM section.

Now go to your DNS management and add a new A record for the domain key.

A new DNS A record

Add a new TXT record with the same name as your selector as the prefix, plus your domain key record name and paste in your key from the DKeyEvent program as the value.

A new TXT DNS record

Restart your SmarterMail service

image

Now wait for your DNS changes to be propagated, and send a new test email.

Enjoy the result:


4 thoughts on “How to setup DKIM and DomainKeys with SmarterMail

  1. Hi Magnus,
    great helpful article, many thanks for posting. Just one question though. you have selected the setting to verify authenticity of incoming messages… IS this not a bit dangerous ?(I am referring to Backscatterer.org), Whats your take on that setting ?
    regards
    Patrick

  2. @Patrick, thanks for your comment.
    Well, just after I wrote this post back in 2009, I made a decision to never bother about these kind of things again. For me, running a small ISV (and this blog), I realized that; what the heck am I doing here? Setting up my own email server, struggling with all these mail server pre-requisites, DKIM, yada yada. So I stopped all this stuff and moved all of my email handling to Googles Apps and haven’t looked back. For me, life is too short to be bother about these infrastructure mechanisms, I let people who know these things do it for me from now on.
    With this in mind, I haven’t looked at Backscatter problems, and have very little interest to do so as well.
    Hope you can find a more insightful answer from somebody who are into that area.

    /M

  3. Heh Heh … nice one… just took a look at the gmail apps myself today and totally agree with you…let other people worry about all that crap :-)
    Thanks anyway.. regards . Patrick

  4. Thanks For the Awesome article, however, I am using mailenable as a server and when I try to add a domain name and selector in the dkim MTA tab, it says “An error seems to occured while trying to generate keys.”

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">