Question

how to add SPF Record for DKIM Key?

  • Posted November 17, 2013

Hi! Newbie here,

I followed this tutorial:

https://www.digitalocean.com/community/articles/how-to-install-iredmail-on-centos-6-3-x64

but all mails I sent using john@mydomain.com are being marked as spam. Then I realized I forgot to do one step, that is to add a SPF Record containing DKIM key in the Droplet. But the tutorial doesn’t go too much detail on how to do this.

I checked iRedMail.tips and found these lines:

DNS record for DKIM support:

; key#1, domain dealwithin.com, /var/lib/dkim/dealwithin.com.pem dkim._domainkey.dealwithin.com. 3600 TXT ( “v=DKIM1; p=” “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSiChwVXgufTwQyzTi8ICof3X8” “FIB3QS1er/HlMkiWG5jAuc6ByAd01Zcmc6crH15uukTu8a/sH0brnuMAwY6XouMc” “ENncPQOrCGUf5m529K7Rt/jgnOf7stfF0Z0XvN99BkcFaA6oAw5yzQ5rEB2k/jih” “8IroFqS7R2yJLVbUhwIDAQAB”)

i tried imitating the name field of the one in the tutorial “dkim_domainkey” and copy & pasted these:

“v=DKIM1; p=” “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDSiChwVXgufTwQyzTi8ICof3X8” “FIB3QS1er/HlMkiWG5jAuc6ByAd01Zcmc6crH15uukTu8a/sH0brnuMAwY6XouMc” “ENncPQOrCGUf5m529K7Rt/jgnOf7stfF0Z0XvN99BkcFaA6oAw5yzQ5rEB2k/jih” “8IroFqS7R2yJLVbUhwIDAQAB”

to the text field. Since I can’t send mail anymore I assume that I did it incorrectly. How should I input the DKIM key? TIA

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello there,

A DKIM record is another measure that can prevent spoofing and improve mail reliability. You can use any online tool to generate the key for you.

In order to have a proper DKIM record, you’ll need to have one public and one private DKIM key. Usually, how it goes is, you have the private DKIM on your Droplet and the public DKIM record added to your DNS.

When you send an e-mail to a another domain, the server the domain is on, checks both the public and the private DKIMs to see if they match.

Basically, in order for your DKIM to work, you’ll need to have the private part on your Droplet. Having said that, Plesk does come as far as I’m aware with a tool that does this.

Also if you use any control panel for your server, like cPanel it will have the built-in functionality to create the DKIM record on your behalf.

We do have a tutorial on How To Install and Configure DKIM with Postfix on Debian Wheezy which you can check here

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy

Once created you can use a DKIM checker tool like the one provided from mxtoolbox and check whether the generated key is valid.

https://mxtoolbox.com/dkim.aspx

Another DKIM tester you can use is

https://www.mail-tester.com/spf-dkim-check

Hope that this helps!

I have 2 files: mail.private and mail.txt The mail.txt file contains the key to insert DNS record (TXT). Where can I put the file mail.private (which contains the DKIM key)?

Thank you.

[UPDATE] I’ve found this tutorial: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy

Thank you.

<blockquote>that is to add a SPF Record containing DKIM key in the Droplet. But the tutorial doesn’t go too much detail on how to do this.</blockquote> <br>An SPF record is not the same as a DKIM key. They are two different records. <br> <br>An SPF record is usually enough however if that doesn’t fix emails going to spam you might want to look into adding a DKIM key.

Start by first adding an SPF record <a href=“https://www.digitalocean.com/community/articles/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability”>How To use an SPF Record to Prevent Spoofing & Improve E-mail Reliability</a>.