Why should I use a DKIM certificate?
Using DKIM for your outgoing messages offers several advantages, e. g.:
If a spammer attempts to misuse your domain or e-mail address to send his or her messages, DKIM reduces the chance that the message will actually reach the recipient. Incoming messages are checked by most mail services (such as Yahoo!, GMail, Web.de) for a valid DKIM signature.
How does DKIM work?
When sending a message, you automatically add a DKIM signature to the e-mail header, which contains a hash value of the message content and header information. If the receiving mail server supports DKIM and searches for incoming messages, it will react as follows:
How a mail server reacts when it detects an invalid signature depends on the configuration of the receiving mail server.
Please note: DKIM can only be used with EuropeanMX if you use the outgoing filter for your domain!
What we sign in a message by default?
In addition to the content of your message, we will also sign the following header information:
How can I configure DKIM via the webinterface?
In order for the public key to be retrieved by the receiving mail server, it must be propagated in the DNS settings of your domain. The TXT record should then look like this:
test._domainkey.example.com IN TXT v=DKIM1; g=*; k=rsa; p=[public key in one line];
The entry must be made as a TXT record. Use instead of "test" the selector you have defined in Step2.
Now that the key can be retrieved from receiving mail servers, the outgoing user must be connected to the DKIM selector in the webinterface.
Once the user has been linked to the DKIM selector, the DKIM signature is added to the header of each outgoing message that has been authenticated with this user (assuming you do not use a separate DKIM certificate). The receiving mail server can decode the signature using the public key and confirm authenticity.
For more information about DKIM we recommend the following websites: