Preparing to add the DKIM signature to outgoing messages

You can configure the DKIM signature for messages in the web interface of Kaspersky Secure Mail Gateway.

The process of configuring the DKIM signature for messages consists of the following steps:

1. Enabling the DKIM signature for outgoing messages.
2. Creating or importing a DKIM key.
3. Adding the DKIM signature to messages sent from email addresses in a specific domain.

In order for the remote mail server to be able to verify the DKIM signature added to outgoing messages, you need to obtain the DNS record of the public DKIM key via the web interface of Kaspersky Secure Mail Gateway and add it to the settings of your DNS server.

To obtain the DNS record of the public DKIM key, do the following in the web interface of Kaspersky Secure Mail Gateway:

1. In the main window of the application web interface, open the management console tree and select the Domains section.
2. If the workspace shows the value of the DKIM signature setting as Disabled, do the following:
   1. Click the DKIM signature link to open the DKIM settings window.
   2. In the DKIM signature drop-down list, select Enabled.
   3. Click OK.

      The DKIM settings window closes.

3. In the list of domains, select the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
4. In the DKIM signature for messages from domain addresses section, click Add.

   The Creating DKIM signature for the domain window opens.

5. In the Selector field, type the name that will help you find the DKIM signature.
6. In the Key name list, select the DKIM key based on which the DKIM signature will be added to messages.
7. Click OK.

   The Creating DKIM signature for the domain window closes.

In the DKIM signature for messages from domain addresses section, the DNS record field shows the DNS record of the public DKIM key for a specific domain.

To add a public DKIM key to the settings of your DNS server:

1. Sign in to your DNS server under the administrator account.
2. Locate the page with information on updating DNS records of the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.

   For example, this page can be named "DNS Management", "Name Server Management", or "Advanced Settings".

3. Find records in TXT format for the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
4. In the list of records in TXT format, add the DNS record of the public DKIM key for a certain domain with the following contents:

   <selector>._domainkey.<name of the domain for which you want to add the public DKIM key>. IN TXT ( "v=<DKIM version>; k=rsa; s=email" "p=<DNS record of the public DKIM key>" )

   For example, you can add the following string:

   mail._domainkey.example.com IN TXT ( "v=DKIM1; k=rsa; s=email; " "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyb09IeTJtIxTEohP/wa8eZOuiFJxL3pjk+1R81ajQyTb4J8Dj23RbjOKCZGFdyJfj7MUUL9MpvAo6OL9KrfaF8ehR7MbHhaix1qPDfSP5a97vl9/6KR2TKJfi+0dQ/pMLJMbnXfdWeoDoDBUK0++B8HHCnSpLTxsH/YDOtjKaHFxbU6DMEICTiVBWR+yeWopdWi9kPNT5SJ5H" )

   See Document RFC 5617 for details on configuring settings of the DNS record of a public DKIM key.

5. Save changes.

The syntax of the sample DNS record is provided for purposes of adding it to the settings of a BIND DNS server. The syntax of the DNS record to be added to other DNS servers may differ slightly from the example provided.

See also DKIM signature for outgoing messages About the DKIM signature for outgoing messages Enabling and disabling the DKIM signature for outgoing messages Creating the DKIM key Importing the DKIM key from file Deleting the DKIM key Adding the DKIM signature to messages from addresses from a specific domain

Page top