In this article I will give an example of generating keys and adding DKIM records.
In the Linux terminal, execute the command to generate a secret key with a length of 1024, you can specify 2048, but not all DNS servers can accept (this key is not shown to anyone):
openssl genrsa -out private.pem 1024
We get the public key from the secret (we will specify it in the TXT DNS server records):
openssl rsa -pubout -in private.pem -out public.pem
You can use the free service to generate DKIM, but I do not recommend.
Now you need to specify these keys in the mail server settings, and also add a TXT record in the DNS server settings, for example:
default._domainkey TXT "v=DKIM1; k=rsa; p=..."
Where:
default – selector, in this case, I have specified for the main domain, you can specify a subdomain here, for example, mail._domainkey or default._domainkey.mail.
v – DKIM version.
k – key type.
p – public key.
You can also specify:
t=y – test mode.
t=s – determines that the entry applies only to the specified domain, and not to all subdomains.
You can verify the record using dig:
dig +short default._domainkey.ixnfo.com TXT
See also my articles:
How to add DKIM record for iRedMail
Configuring SPF and DKIM records in cPanel
How to add DMARC record
Thanks :)
thanks