Guides, Articles and Frequently Asked Questions

  Index | Outbound Filter

What does DKIM do for me and why should I use it?

Why should I use a DKIM certificate?

Using DKIM for your outgoing messages offers several advantages, e. g.:

  • The receiving mail server can verify if the incoming message was actually sent by the sender.
  • DKIM enables the recipient to ensure that important header information (such as subject) and the content of the message have not been changed.
  • The probability of your email being detected as spam decreases.

If a spammer attempts to misuse your domain or e-mail address to send his or her messages, DKIM reduces the chance that the message will actually reach the recipient. Incoming messages are checked by most mail services (such as Yahoo!, GMail, for a valid DKIM signature.

How does DKIM work?

When sending a message, you automatically add a DKIM signature to the e-mail header, which contains a hash value of the message content and header information. If the receiving mail server supports DKIM and searches for incoming messages, it will react as follows:

  1. Retrieving the public key from the DNS of the sending domain
  2. Use the public key to decode the signature.
  3. Content verification

How a mail server reacts when it detects an invalid signature depends on the configuration of the receiving mail server.

Please note: DKIM can only be used with EuropeanMX if you use the outgoing filter for your domain!

What we sign in a message by default?

In addition to the content of your message, we will also sign the following header information:

  • from
  • date
  • subject
  • reply-to-too
  • transmitter
  • to
  • c
  • bcc
  • message-id
  • in-reply-to
  • reference
  • content type
  • mime-version
  • content transfer encoding


How can I configure DKIM via the webinterface?

Login to the webinterface
  • Log into your account on our website
  • Click "Admin Panel" next to your domain name.
  • Alternatively, you can log in directly into the web interface of the spam filter. The web interface can be reached via the link Please use your domain name as a user and the admin password that you specified for the domain during the initial configuration.
Generate DKIM certificate
  • Under "Outgoing" click on "Generate DKIM Certificate".
  • Enter the desired DKIM selector. The name of the selector is not mandatory and can be freely chosen. In our example we use the selector "test".
  • Click on "Generate and save new private/public pair". The private key is stored on our server. The public key must now be propagated in the DNS settings.

Propagating the public key in DNA

In order for the public key to be retrieved by the receiving mail server, it must be propagated in the DNS settings of your domain. The TXT record should then look like this:  IN TXT  v=DKIM1; g=*; k=rsa; p=[public key in one line];

The entry must be made as a TXT record. Use instead of "test" the selector you have defined in Step2.

Connect the outgoing user with DKIM

Now that the key can be retrieved from receiving mail servers, the outgoing user must be connected to the DKIM selector in the webinterface.

  • Select the desired outgoing user under "Outgoing/Manage User".
  • Enter the previously configured selector ("test" in this example) under "DKIM Selector".
  • Save the settings.

Once the user has been linked to the DKIM selector, the DKIM signature is added to the header of each outgoing message that has been authenticated with this user (assuming you do not use a separate DKIM certificate). The receiving mail server can decode the signature using the public key and confirm authenticity.


For more information about DKIM we recommend the following websites:

Was this article helpful?

We use cookies for the technical functionality of this website. With your consent, we also collect page views and other statistical data in anonymized form.

Accept all cookies Select individually
Cookie Settings
Read Privacy Statement