Category: Before Enabling Filtering Services | Protocol: DNS / Cryptography
DKIM (DomainKeys Identified Mail) helps prove that the sending domain has not been spoofed and that the message content has not been altered during transmission. It relies on a cryptographic signature associated with a public key published in DNS.
I — DKIM Compliance Indicator
Your administration console displays the DKIM status in real time:
- ✔ Public key in place — Messages are correctly signed
- ⚠ Incorrect key — The key in use is not the Secuserve key
- ✘ No key — No DKIM key configured for this domain
II — Generate and Configure the DKIM Key
- Log in to your console: https://www.security-mail.net/
- Go to Configuration > Domain Settings > DKIM
- Click Generate DKIM Key
- Copy the displayed value and add it to your DNS zone
| Parameter | Value |
|---|---|
| Name | sec-sig-email._domainkey |
| TTL | 3600 |
| Type | TXT |
| Value | Copy from the administration console |
III — Enable DKIM Signing
- In the console, go back to Configuration > Domain Settings > DKIM
- Verify that the DNS record has fully propagated (this may take several hours)
- Check Enabled
⚠️ Enable DKIM signing only after confirming that the public key is correctly published in DNS. Enabling it too early may result in email rejection.
IV — How DKIM Works
When sending an email, the mail server signs the message using a private key. The recipient retrieves the public key from DNS and verifies the signature. If both match, the message is authentic and has not been modified.