Preparing to add the DKIM signature to outgoing messages
You can configure the DKIM signature for messages in the web interface of Kaspersky Secure Mail Gateway.
The process of configuring the DKIM signature for messages consists of the following steps:
Enabling the DKIM signature for outgoing messages.
Creating or importing a DKIM key.
Adding the DKIM signature to messages sent from email addresses in a specific domain.
In order for the remote mail server to be able to verify the DKIM signature added to outgoing messages, you need to obtain the DNS record of the public DKIM key via the web interface of Kaspersky Secure Mail Gateway and add it to the settings of your DNS server.
To obtain the DNS record of the public DKIM key, do the following in the web interface of Kaspersky Secure Mail Gateway:
In the main window of the program web interface, open the management console tree and select the Domains section.
If the workspace shows the value of the setting as Disabled, do the following:
Click the DKIM signature link to open the DKIM settings window.
In the DKIM signature drop-down list, select Enabled.
Click the OK button.
The DKIM settings window closes.
In the list of domains, open the record editing window by clicking the link containing the name of the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
In the DKIM signature for messages from domain addresses settings group, click the Add button.
The Creating DKIM signature for the domain window opens.
In the Selector field, type the name that will help you find the DKIM signature.
In the Key name list, select the DKIM key based on which the DKIM signature will be added to messages.
Click the OK button.
The Creating DKIM signature for the domain window closes.
In the DKIM signature for messages from domain addresses settings group, the DNS record field displays the DNS record of the public DKIM key for the specific domain.
To add a public DKIM key to the settings of your DNS server:
Sign in to your DNS server under the administrator account.
Locate the page with information on updating DNS records of the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
For example, this page can be named "DNS Management", "Name Server Management", or "Advanced Settings".
Find records in TXT format for the domain for whose addresses you want to configure the DKIM signature to be added to outgoing messages.
In the list of records in TXT format, add the DNS record of the public DKIM key for a certain domain with the following contents:
<selector>._domainkey.<name of the domain for which you want to add the public DKIM key>. IN TXT ( "v=<DKIM version>; k=rsa; s=email" "p=<DNS record of the public DKIM key>" )
Example of a DNS record for an opened DKIM key:
mail._domainkey.example.com IN TXT ( "v=DKIM1; k=rsa; s=email; " "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyb09IeTJtIxTEohP/wa8eZOuiFJxL3pjk+1R81ajQyTb4J8Dj23RbjOKCZGFdyJfj7MUUL9MpvAo6OL9KrfaF8ehR7MbHhaix1qPDfSP5a97vl9/6KR2TKJfi+0dQ/pMLJMbnXfdWeoDoDBUK0++B8HHCnSpLTxsH/YDOtjKaHFxbU6DMEICTiVBWR+yeWopdWi9kPNT5SJ5H" )
See Document RFC 5617 for details on configuring settings of the DNS record of a public DKIM key.
Save changes.
The syntax of the sample DNS record is provided for purposes of adding it to the settings of a BIND DNS server. The syntax of the DNS record to be added to other DNS servers may differ slightly from the example provided.