• Contact Us
  • Pricing
  • Search
  • Register
  • Login
  • DNS Tools
    • MX Records
    • A Records
    • CNAME Record
    • PTR Record
    • SPF/TXT Records
    • NS Records
  • Domain Tools
    • ARIN Records
    • WHOIS Records
  • Blacklists
    • Blacklist Checker
    • Whitelist Checker
    • Email Blacklist Removal Tool
  • Email Tools
  • Port Scans
  • Other Tools
    • IP Tools
      • IP Address Converter
      • IP Address Locator
      • IP Range To CIDR
    • Chrome Extension - Email Deliverability Checker
    • 3D Trace Route
  • Blog
    • First Time Sender
      • Email Certification
      • Email Throttling
      • IP Warming
    • Formatting Emails
      • For Browsers
      • For Devices
      • For Email Clients
    • How To Avoid
    • How To Set Up
    • Mail Tester Guide
      • Email Headers Explained
      • MX Records, PTR Records, and Reverse PTR Records AKA rDNS
      • RFC Syntax Checking
      • Email Port Checks
      • SPF Record and Alignment
      • DKIM Signatures and Alignment
      • DMARC Validation
      • Mail Tester Test Tool
    • Measuring Peformance
      • Bounces
      • Clickthrough Rates
      • Open Rates
    • Related Resources
      • Abuse Contacts
      • Common Ports
      • DMARC and the Contact Us Form
      • Email Identifier
      • Email Headers
      • Email Statistics
      • How Email Works
      • How to Treat Spammers
      • Securing Your Server
    • Rules to Follow
      • Can Spam Act
      • Postmaster Guidelines
  • Member Services
    • Members Area
    • Community Forums
    • Blacklist Monitoring
    • Bulk Email Validation Tool
    • Complete Monitoring Solution
    • Domain Name Monitoring
    • Feedback Loop Submissions
    • Full Port Scan Monitoring
    • Mail Tester Pro Tool
    • Mail Miner
    • Spam Detector Toolbox
    • Trusted Sender Site Seal

DKIM Signatures - (DomainKeys Identified Mail)


DKIM Signatures allow the signing domain to claim responsibility for an email. It seperates the question of the identity of the signer of the message from the purported author of the message. The cryptographic signature is validated by the public key store in DNS and explained here: Domain Keys

Internet Standard: RFC 6376

This standard is designed to support the extreme scalability requirements that characterize the email identification problem. There are currently over 80 million domains and a much larger number of individual addresses. DKIM seeks to preserve the positive aspects of the current email infrastructure, such as the ability for anyone to communicate with anyone else without introduction.

Example of a DKIM Signature


DKIM Signatures

The image above was take from the headers of an email that we sent out. Let’s break down the DKIM signature into simpler terms.
  • v = The version of this specification that applies to the signature record.
  • a = The algorithm used to generate the DKIM signature.
  • c = The type of message canonicalization used, which can be simple or relaxed.
  • d = The domain sending the email.
  • s = The name of the selector used in DNS.
  • h = A colon-separated list of header field names. In this example we only have one.
  • bh = The hash of the canonicalized body part, referred to as Body Hash.
  • b = The Signature Data.

I understand. Now how do I set up my DKIM Signature?


If you did the legwork of setting up your Domain Keys, setting up DKIM Signatures will take place in your email server software. The software should allow you to enable DKIM Signatures and set some of the basic configuration on how it will be used. If your software doesn't have DKIM capabilities, it's time to look for a different software package that is up to date with current email standards.

You can check your configuration by sending an email to "mailtest@unlocktheinbox.com" and it will return the results letting you know the status of SPF, Domain Keys, DKIM, Sender ID, and Spam Assassin checks.

Source: Unlock The Inbox
Copyright © 2017 Unlock The Inbox