Email Signing with DKIM Key and DMARC Record in SmarterMail

1. From SmarterMail Server

  1. Log on to Smartermail web interface as 'admin' or domain administrator.
  2. Go to the Manage page of a specific domain.
  3. Expand 'Advanced Settings' and click 'Mail Signing', make sure 'Enable DKIM Signing' is checked.
  4. Click 'Certificate' and type 'default' as selector, make sure the key size is set to 2048, then click 'Generate Key'. The name and the value of the new TXT record will be generated. Click 'Save' to store the DKIM key in the mail server. You may also generate the DKIM key elsewhere and paste it here. It is important to have the same key in the name servers of the domain and the mail server.

2. Create DKIM Key in Microsoft DNS server

  1. Go to DNS server and then click the domain name for creating new TXT records. Right click the domain name at the left panel or the empty area at the right panel, then click 'New Domain'.
  2. Type "_domainkey" as the name of the new domain.
  3. Enter the new domain, right click the empty area to create new TXT record.
  4. Create a no-name TXT record with the value "o=~". This is for policy for the domain. "o=~" means some e-mails coming from this domain are signed.
  5. Create another TXT record with the name of "default". Then paste the TXT record value from Step 1.4. However, there is length limit for the value, for being able to save the whole value, split the value in multiple lines.

3. Create DMARC Record

  1. Move back to the top-level domain then create a new TXT record named "_dmarc". The email addresses to be included in the record value must be valid ones.Record name must be _dmarc ; Record value: v=DMARC1; p=reject; sp=reject;;; rf=afrf; pct=100; ri=86400

4. Email Delivery Test

Send an email to your Gmail account. When the email is received, view the original email content and you should see something like the following.

Add Feedback