How to setup DKIM and DomainKeys with SmarterMail

July 3, 2009

Here’s how to setup DKIM and Domain Keys. First of all, download the DKeyEvent tool and install it.

Send an empty email to check-auth@verifier.port25.com

Now, the response will be a full detailed report with all kinds of technical information. Here I will just show the summary:


We now need to get our mail server setup to pass all of the 4 checks.

SPF Check and Sender-ID check.

You can read more about Sender Policy Framework here. To add the SPF validation is a simple case of adding a TXT record to your DNS setup. I use www.EveryDNS.com and my basic setup looked like this:

image

To pass the SPF and Sender-ID check you simply need to add a TXT record with content of : v=spf1 a ~all like so:

image


Setting up the DKIM records

Start the DKeyEvent program on your mail server and enter you domain/login info in the DKeyEvent SM tab.

DKeyEvent1

Switch to the DKIM section and enter a new domain and a selector name by clicking on the little plus sign at the bottom right corner.

DKeyEvent3

DKeyEvent2

Click Save Settings. Switch to the Domain tab, and select your domain and selector. Click on Generate.

DKeyEvent5

Select all the text in the bottom hand textbox and copy it to the clipboard.

Repeat the steps by doing the same in the DomainKeys

DKeyEvent6

Click Save Settings.

DKeyEvent7

The key should be the same as in the DKIM section.

Now go to your DNS management and add a new A record for the domain key.

A new DNS A record

Add a new TXT record with the same name as your selector as the prefix, plus your domain key record name and paste in your key from the DKeyEvent program as the value.

A new TXT DNS record

Restart your SmarterMail service

image

Now wait for your DNS changes to be propagated, and send a new test email.

Enjoy the result:


tags: ,
posted in Blog by Magnus Johansson

Follow comments via the RSS Feed | Leave a comment | Trackback URL

3 Comments to "How to setup DKIM and DomainKeys with SmarterMail"

  1. Patrick wrote:

    Hi Magnus,
    great helpful article, many thanks for posting. Just one question though. you have selected the setting to verify authenticity of incoming messages… IS this not a bit dangerous ?(I am referring to Backscatterer.org), Whats your take on that setting ?
    regards
    Patrick

  2. admin wrote:

    @Patrick, thanks for your comment.
    Well, just after I wrote this post back in 2009, I made a decision to never bother about these kind of things again. For me, running a small ISV (and this blog), I realized that; what the heck am I doing here? Setting up my own email server, struggling with all these mail server pre-requisites, DKIM, yada yada. So I stopped all this stuff and moved all of my email handling to Googles Apps and haven’t looked back. For me, life is too short to be bother about these infrastructure mechanisms, I let people who know these things do it for me from now on.
    With this in mind, I haven’t looked at Backscatter problems, and have very little interest to do so as well.
    Hope you can find a more insightful answer from somebody who are into that area.

    /M

  3. Patrick wrote:

    Heh Heh … nice one… just took a look at the gmail apps myself today and totally agree with you…let other people worry about all that crap :-)
    Thanks anyway.. regards . Patrick

Leave Your Comment

 
Powered by Wordpress and MySQL. Theme by Shlomi Noach, openark.org