Now that the discourse of privacy and cybersecurity is becoming more common, enterprises seek new ways to verify that all emails from them are safe.
DKIM (Domain Keys Identified Mail) is an old but crafty technique used by enterprises to increase trustworthiness and email deliverability.
If a domain is using DKIM, users receiving email from that domain can verify whether the message was sent and authorized by the domain owner.
It works through a DKIM signature header that is parsed digitally by email clients. DKIM can be implemented to any Email Transport Agent (MTA) – for example, PowerMTA can be set up to use DKIM for every outgoing email it delivers.
Creating DKIM in PowerMTA is Easy
Start by generating the key in https://www.sparkpost.com/resources/tools/dkim-wizard/.
Type in the domain name that will show in the “From” header address, DomainKey
selector (it is okay to leave it at default), and key size in bits.
Afterward, click “Create Keys”. Save the resulting PEM
file in the folder:
/etc/pmta/KEY_NAME_HERE.DOMAIN_NAME_HERE.pem
Then visit your DNS hosting provider and add a TXT record in your domain name with the name:
KEY_NAME_HERE._domainkey.DOMAIN_NAME_HERE
From this part, you are almost all set. You just need to edit this file:
/etc/pmta/config
And add this line:
domain-key default,yourdomain.com,/etc/pmta/KEY_NAME_HERE.DOMAIN_NAME_HERE.pem
The full config should look like this:
<virtual-mta vmta-1>
#domain-key default,*,/etc/pmta/default.YOUR_DOMAIN_NAME.pem
domain-key default,yourdomain.com,/etc/pmta/KEY_NAME_HERE.DOMAIN_NAME_HERE.pem
<domain *>
max-msg-rate 100/h
</domain>
</virtual-mta>
As with other software, restart the PowerMTA daemon to make sure that the change is successful. If it is successful, users will see that the email they get from their beloved brands is legitimate.
Don’t forget to replace all the KEY_NAME_HERE
and DOMAIN_NAME_HERE
reference with your own key and domain name.
Seeing that setting up DKIM in PowerMTA is an easy process with very few steps involved, it is recommended for you to use DKIM in your PowerMTA instance. The added security and benefit of reputation among your clients are priceless.
We are a bunch of people who are still continue to learn Linux servers. Only high passion keeps pushing us to learn everything.