The DomainKeys / DKIM Wizard was designed to allow and IMail Administrator to quickly setup the necessary items for DomainKeys / DKIM.
Step 1
DomainKeys or DKIM
DomainKeys and DKIM allow messages to be cryptographically signed, which allows receiving servers to verify the source and contents of messages. Both specifications are similar, however, DKIM handles e-mail routing better than DomainKeys and is considered to be the preferred method of signing messages.
Example: DNS Text Record set to MyDNSName will be named "MyDNSName_domainkey.domainname.com"
Step 2
Choosing your Algorithm:
The simple and relaxed header and body algorithms prepare the e-mail before signing occurs. This is known as canonicalization and does not affect the message that is actually sent in any way. These algorithms attempt to handle cases where normal transformations that occur to a message as it is sent will cause a signature to be verified incorrectly. The 'simple' Canonicalization algorithm tolerates almost no modification of the message, while the 'relaxed' canonicalization algorithm allows some typical transformations to occur without breaking the signature (such as modifying whitespace and folding whitespace in the message and its headers). The relaxed canonicalization algorithm is recommended unless it is critical that a message not be modified in any way during transit to a receiving mail server.
Step 3
Assigning Domains
Please choose which domains are allowed to use this selector for signing. Domains added to the list on the right are able to use this selector for its users.
Note: The selector will not be enabled until the DNS Test is valid. Should the DNS Test fail, all domains set for this selector will be disabled. It will be up to the IMail Administrator to enable the selectors after the DNS has been corrected.
Step 4 (DKIM Selectors Only)
One or Multiple DNS Text Records
This step will only appear when creating a DKIM selector and multiple domains have been assigned to the selector. DKIM has the capability to have all domains point to one specified domain for the DNS record. This is the simplest and recommended way of setting up DKIM. If you wish, however, you can choose to enter a DNS record for every domain by selecting the second option in the drop down list.
Note: DomainKeys is not as flexible as DKIM and requires a DNS text record for each domain, per the RFC.
Step 5
Private Key and DNS Text Record
Example: DnsTextRecord_domainkey.domain.name.com
If you do not have access to your DNS records, contact your DNS administrator to add these records. Please note, that it is recommended that you continue to the next screen and save this selector if the process of adding the DNS records will take more than a few minutes.
Tip: Remember to check for the "p=" in front of the key
Step 6
DNS Test and Selector Status
Warning: Click "Done" now, as the IMail Server will eventually time out and your selector will be lost.
Important: After creating a selector be sure to restart your SMTP and Queue Manager services.
Related Topics