Digitally Sign Your Email with DKIM

Digital SIgning Emails

Digitally Signing Emails

Digitally sign your email with DKIM (DomainKeys Identified Mail) and help prevent email spoofing on your side. DKIM adds a private key which stays in your server and a public key that stays in your DNS record. The outgoing email header that you send gets encrypted and the recipient servers then retrieve the public key to decrypt the incoming headers and verify that the messages really comes from your domain and was not altered while it is on transit.


What are the advantages of signing your emails?

  1. Google will accept your emails and probably most email servers on the world
  2. Gmail won’t put your email on the spam folder
  3. Most email server won’t mark your email as spam unless you people reports your email address/host to spam filters.
  4. You can easily differentiate forge mails
  5. Email servers now imposes email signing and may soon reject non-signed emails, take for example Google

Install DKIM on your centOS server (RHEL) by issuing a “yum install” command.  Honestly, way so lazy to check each dependency so I just let yum figure it out for me.

The -y parameter tells our yum installer to accept yes as a default response for all installer questions if that choice is available.

For simplicity, I allowed Virtualmin to install the package for me. There is virtually no difference if you issue the same command on your SSH connection or if you allow Virtualmin to install it for you.

Installing DKIM using Virtualmin Panel

Installing DKIM using Virtualmin Panel


Setup Using Virtualmin

Activating DKIM on Virtualmin is relatively easy if you follow the following steps.

  • Login to your Virtuamin panel
  • Go to Virtualmin tab and select “Email Messages”
  • Open up “DomainKeys Identified Mail”
  • Click “Yes” for “Signing of outgoing mail enable”
  • (Optional) CLick “Yes” for  “Reject incoming email with invalid DKIM signature?”. Warning: some incoming emails will be lost but it does not matter, they are probably spam anyway
  • Select the Size of the DKIM key and make sure you supplied the correct domain in the “domains to sign for”
  • Click save and DKIM will generate a new key for you and insert the public key to your DNS
DomainKeys Identified Mail Generated Key

DomainKeys Identified Mail Generated Key


Virtualmin will ask you to recheck the virtual server configuration after completing the steps above and potentially generate a warning of “Virtualmin is configured to setup DNS zones but this system is not setup to use itself as a DNS server“. Fixing this warning is pretty easy by opening the Webmin tab and going to “Networking->Network Configuration->Hostname and DNS client->DNS Servers” and add 127.0.0.1 to the DNS servers. Click save and error will go away.

For more info on DKIM, kindly visit their official website DKIM

coderinthebox

The TechnoJunkie of the group who studied engineering but got stuck with software development. Remember kids, 90% of your problems can be solved by marketing. Solving the other 10% just requires good procrastination skills.

You may also like...

4 Responses

  1. Tony says:

    Thanks.. got it..

  2. Tony says:

    Hello You said :

    Login to your Virtuamin panel
    Go to Virtualmin tab and select “Email Messages”

    But I don’t find any option in Virtualmin as Email Messages ? I have installed it but I am stuck..

    • coderinthebox says:

      It is located below the menu for virtual servers.I am using Authentic theme, the location remains the same.

      Email Message Image

  3. coderinthebox says:

    Still writing and testing the manual way to setup DKIM, will take a day or two for the follow up post

Leave a Reply

%d bloggers like this: