I faced so much trouble while setting DKIM for one of my sub domain, there are so many online tutorials but not a single tutorial that describes everything at one spot. So I was thinking why not I write my own blog on it.

What is DomainKeys Identified Mail (DKIM)?

DomainKeys Identified Mail (DKIM)?

It is an email authentication protocol that essentially allows a sender to apply a digital “signature” to outgoing emails that can be verified by the recipient’s mailbox provider through Domain Name System (DNS). Signing offers a guarantee of authenticity and some protection from tampering.

How DKIM will help you

Things to do serially

• Create Private Key for DKIM for my sub-domain in Linux
• Create Public Key for DKIM for my sub-domain in Linux
• Setup TXT record in my Domain DNS Settings
• Check if TXT Record setup perfectly by DKIM Analyzer
• Make PHP Script, setup configuration, check by sending email
• Check email in my google if DKIM is working
  
  

1. Create Private Key for DKIM for my sub-domain

# openssl genrsa -out dkim_private.key 1024

Now I want to see the private key that has been generated & save it somewhere in notepad as I will need it later

# nano dkim_private.key

—–BEGIN RSA PRIVATE KEY—– ZIICWwIBAAKBgQC4XgvVWLD1TaZi9MVySGVYRZA2WTEMeJ34J+cH6Zamd19mXjZs pbyhIks67S8hOz8Tbno8VC+wAfjT4E0pyjtZnLroEA8+/Y4KYwQZkRS5hn1QluDY 02txaWlOHvbmImtCf7BzjMVOIlRakrMVJY/hHQqjPP5rVKrs6SnYY1IoJQIDAQAB AoGAfuqm5MBAWS2SG876WRjDQ0fn5bHylO43eMwnO4gu3/uPHc4/Uv2o45fTCAad ChhZ7IuB9CPUDCrfWyOumtUPkwymW7Z1o9e1AqxVo8+xU7hmYpG9HBTiCA13yD9Q exbmY3aVs2FDpnSboUjJuRk07bNYbE8RTYrn4zXlJTu4heUCQQD0WfYgqEi2HNdn Pmdk6eMskYn7ELo6fLnSrQu8yiqbmbyte/F2YBUhuqXsZa40Kj15obt/U+C8Ydiv QiZ6+qU3AkEAwSgLwTGTX13BrOQMJj+Hio46YHXv/9Y8+r9WITugIOdbEJO5fg4Q zyc/igs6YeRAmgeBny+Bf2UpMEjyktvLgwJAY5JtO62Xw65JEKdbVsIAct7zzT1p xf+hcXpWuB3h8vpY6pEBOm247r+ycXyV2mgEGRaQ4zf48osk03YvXBnbTQJAWP5N ZCamQtMcr76mRl0Q4uqixNyxxgr8L39GfKtPHLnbgCi/1u8+GWN45+5CaOXUSeNZ enFV1c9TCdciRD2WZwJAWk/vLR9ivF6hJXtG7X/NRr8Bqj6t7uZYWAgCe45juSxB GyWlvt57BlNwcHsJAqaOarXEZXmu1Ht47j1DhpczIw==
—–END RSA PRIVATE KEY—–

2. Create Public Key for DKIM for my sub-domain

openssl rsa -in dkim_private.key -pubout -out dkim_public.key

Now I want to see the public key that has been generated & save it somewhere in notepad as I will need it later

Remember this Public Key you need to set in your DNS

# nano dkim_public.key

—–BEGIN PUBLIC KEY—– ZIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4XgvVWLD1TaZi9MVySGVYRZA2 WTEMeJ34J+cH6Zamd19mXjZspbyhIks67S8hOz8Tbno8VC+wAfjT4E0pyjtZnLro EA8+/Y4KYwQZkRS5hn1QluDY02txaWlOHvbmImtCf7BzjMVOIlRakrMVJY/hHQqj PP5rVKrs6SnYY1IoJQIDAQAB
—–END PUBLIC KEY—–

3. Setup TXT record in my Domain DNS Settings

Make sure you take the Public Key tag inside content, remove all new line breaking to set the Public Key in your DNS.
For example: I have copied the current below code in my clipboard

ZIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4XgvVWLD1TaZi9MVySGVYRZA2WTEMeJ34J+cH6Zamd19mXjZspbyhIks67S8hOz8Tbno8VC+wAfjT4E0pyjtZnLroEA8+/Y4KYwQZkRS5hn1QluDY02txaWlOHvbmImtCf7BzjMVOIlRakrMVJY/hHQqjPP5rVKrs6SnYY1IoJQIDAQAB

My Subdomain is: billing.socrpro.com

You will have to set a selector for it, it can be a random unique number. For example I have set “1579977319“

Host Name: 1579977319._domainkey.billing.socrpro.com

TXT Record:

v=DKIM1; k=rsa; g=*; s=email; h=sha256; t=s; p=ZIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4XgvVWLD1TaZi9MVySGVYRZA2WTEMeJ34J+cH6Zamd19mXjZspbyhIks67S8hOz8Tbno8VC+wAfjT4E0pyjtZnLroEA8+/Y4KYwQZkRS5hn1QluDY02txaWlOHvbmImtCf7BzjMVOIlRakrMVJY/hHQqjPP5rVKrs6SnYY1IoJQIDAQAZ

I am using Rackspace to setup DNS for my domain, screenshot attached how I have done it

4.Check if TXT Record setup perfectly by DKIM Analyzer

You can use this URL https://www.dmarcanalyzer.com/dkim/dkim-check/ or https://dkimcore.org/c/keycheck to check if DKIM TXT record has been properly setup or not. Make sure you check after you set DKIM TXT record in your DNS, sometime DNS Update take 24 hours – 48 hours.

If you are using PHP Script to send email using DKIM Signature, you can use this link: https://github.com/louisameline/php-mail-signature