DKIM email authentication

Article author
Kelly Sutter
  • Updated

DKIM (DomainKeys Identified Mail) is an email authentication protocol designed to prevent your mail from being classified as spam. The DKIM signature appears in the email header. This signature tells the ISPs you are a legitimate sender and helps your emails arrive safely in the inbox. Many of the popular ISPs include DKIM in postmaster guidelines for email marketers. 

 

WordFly DKIM record (Set up by default)

WordFly automatically signs your emails with a digital DKIM signature in the email header. DKIM is required and cannot be turned off if you plan to send emails using WordFy.

Example email header. The domain is signed with the d= value and the WordFly selector is noted with the s= value.

DKIM-Signature: v=1; a=rsa-sha1; d=wordfly.com; s=wordfly02;
  c=relaxed/relaxed;
    q=dns/txt; i=@yourdomain.com; t=1484339161;
    h=From:Subject:Date:To:MIME-Version:Content-Type;
    bh=j/kyZ6bo6j4yE2roPVlGnsQHSvM=;
    b=EPtAeVmYeb/OGJPWsCdlgxbgfF+bcxL7W7/DGykhDE0rXdIZikG2d45545q4NYji
    JsGEWHulM3AcW/JDuWqfaLVkg8b2C/TP0rLi2DiMcR+usUnEWDpBnCKtWlAnLSNV
    oJmqjcGmVRYFQiktnjhwLY1gc34YXTjW7fsCNI29XEM=;
X-MSFBL: dGVhbUB3b3JkZmx5LmNvbUBDVVByZXNlbnRzTWFya2V0aW5nQGRlZmF1bHRAQ1VQ
    cmVzZW50c19Nek0yWHpNd09EaGZNMTgzTWpJdw==

 

Some email clients will display information about the sender of the email next to the from/reply-to address. For example, you might see "via wordfly.com" or "on behalf of wordfly.com".

Example sender display:

 

Custom DKIM record (Optional)

You can choose to publish your own DKIM authentication for WordFly emails. Your organization publishes a DKIM record known as the public key and WordFly configures a corresponding private key. This key is looked up when an ISP reviews your header information and looks up the DKIM.

 

Considerations

  • You will need to have access to the DNS hosting your sending domain
  • WordFly will provide a TXT record for the DKIM
  • Plan for 2-3 days for set up and testing as WordFly must configure the record for testing
  • The email header will show the d= value as your custom domain
  • You may no longer see "via wordfly.com" or "on behalf of wordfly.com" next to the from/reply-to address

These instructions are best suited for a DNS interface that gives you the ability to publish records for your domain. You must publish the DKIM with the DNS hosting your sending domain. Please consult with your IT team to verify where your domain is being hosted.

 

Email us to request a DKIM record for your domain. We will help run verification tests to confirm the DKIM is passing.

 

To publish a DKIM record for your sending domain

  1. Log in to your DNS
    DNS Examples: GoDaddy, DNS Made Easy, Network Solutions, etc.
  2. Go to Advanced DNS Management
    This will be different for each DNS. Please let us know which DNS you are using for further assistance.
  3. You will need to publish a new TEXT (TXT) record for DKIM
    Look for instructions under Advanced DNS that provide details on publishing various kinds of records. The most typical are TXT records.
  4. The DKIM record will require publishing a selector record

    This step will require a DKIM text document provided by WordFly support. If you have not received this yet, please let us know by replying to your open ticket. Our support team will send the DKIM text record for your specific domain(s).

    To publish the Selector Record

    • In the Host field, paste "wordfly02._domainkey" into the Host field. 
    • In the Text field, paste the "v=DKIM1\; k=rsa\;..." string into the Text field.

    Tips:

    • Check your DNS provider’s documentation on setting up DKIM
    • Some DNS providers do not require the backslash in the text portion
    • Some DNS providers do not require the sending domain in the host portion
    • Never include quotes around the text portion when using the DNS web interface

  5. [Optional] If possible, adjust the TTL to something like 60, so it will propagate faster
  6. Publish the records
    The records propagate within 24 hours or faster depending on the TTL settings.
  7. Reply to your open support ticket to let us know you have completed these steps.
    We’ll test the record to confirm it is passing as expected.
  8. Set up a postmaster@ mailbox
    Follow these steps
  9. Set up the Yahoo feedback loop
    Follow these steps

 

 

 

Was this article helpful?

Comments

0 comments

Article is closed for comments.