DKIM (DomainKeys Identified Mail) is an encryption process that protects your email from anyone trying to tamper with it between when you send it and when the recipient receives it.
Setting up the DKIM for your Sending Domain
To set up DKIM on your own domain, you must first create the unique key inside your account.
- Log into your JangoMail account. (JangoSMTP steps in the account will differ slightly.)
- Go to Settings → Sending and Receiving → DomainKeys/DKIM.
(JangoSMTP users will find it in Settings under the Advanced JangoSMTP Settings section.)
- Click Add New Item.
- Add your domain by entering your domain and a selector for your domain and then click Save. A good default is to simply use "jm", though any single-word selector will work. Keep in mind that the selector you choose will correspond to the DNS record you must add for your domain (TXT record for selector._domainkey.yourdomain.com).
- You must now add the public key to your DNS server. The DKIM will be disabled until you add the public key into your DNS server.
- To view the keys, click the View Keys icon next to your domain.
- A new window will launch showing you the public key, the private key, and the exact DNS TXT record you must add into your DNS server. Ensure that you copy the entire contents of the Value field in the popup window.
- Once the DNS record is in place, you must come back to JangoMail to enable the key pair. Follow the instructions in step 2 to get to DomainKeys/DKIM, and click the Enable icon next to your domain. Confirm that you want to enable the DomainKey. JangoMail will then verify that your DNS TXT record is in place and correct, and if so, it will enable the key pair. Your email campaigns will now be signed with DomainKeys and DKIM.
Note: It may take up to 48 hours for the new TXT record to be visible in DNS, so you may not be able to enable the key right away.
How do I know everything is working?
To ensure that your emails are being signed with DomainKeys/DKIM, send yourself a test email message from your account. Once you have received the email, view the full headers of the message. You should see one of two added headers, a DomainKey-Signature header and another DKIM-Signature header.
You can also check that the signatures are correct, by using these two tools for free:
- Go to Mail-Tester and send an email message to the address provided. This will check other items besides DKIM for your message. The results of their checks will be displayed once you click "Then Check Your Score".
- Send a test email message to the Sendmail reflector service. Do this by sending an email message to email@example.com. Sendmail will respond immediately with an email message sent back to the From Address of your test message.
Step by step video on creating your DKIM record: