What is DKIM?
DKIM - or DomainKeys Identified Mail is an email authentication method. DKIM adds a digital signature to every outgoing message. This signature is examined by receiving mail servers to determine if the message was really sent from the sending domain.
Do I need DKIM?
DKIM help protect your domain from spoofing. DKIM also help to prevent your mail from being tagged as spam. DKIM is a MUST!
It's always best to consult your email hosting company for documentation on how to implement DKIM properly.
DKIM is implemented by adding a TXT record to the domain's DNS zone file. Typically a DKIM entry consists of a "Host" entry and "TXT value"
It is very important to test DKIM once implemented. I use DKIM Validator
You can validate your DKIM by sending a test message to the randomly generated email address created on the DKIM validator website.
Once the test email has been sent, go to the DKIM validator website and click the "View Results" button.
Inspecting the "DKIM Information" section will show details about the encryption, public key, headers, public key DNS lookup and validation.
The important part to confirm if validation succeed is under the "Validating Signature" heading.
A successful entry should have " Result = Pass"
An unsuccessful entry could have "Result = Fail" "Details: Message has been altered"
DKIM Validation Fail - Message has been altered
If you get this error you can try the following:
- Verify the DKIM entry is set up properly - check documentation for your specific host
- Do a test from webmail, if validation succeeds then in points to the message being changed from email client in transit to the server
- Get in touch with your hosting company technical support to verify DKIM has been implemented correctly
- Check email server settings
- Try a different email client - as weird as it seems I had this issue using Windows Mail, when I swapped over to Microsoft Outlook validation succeeded.
Windows Mail causing DKIM validation fail Message has been altered
A client approached me indicating that they have mail deliverability issues. Messages were not sent as DKIM has not been working. Upon sending a test to DKIM Validator I got "Result = Fail" "Details: Message has been altered"
The client was using Windows Mail for a mail application.
Even after checking, removing and re adding the DKIM record it made no difference. The hosting company tech support was not helpful as per them everything was set up and working the way it should on there end.
I tried setting up a new mail account on a different computer with Windows Mail but had the same issue "Result = Fail" "Details: Message has been altered". Sending test emails from webmail worked fine.
You guessed it, Windows Mail was the culprit, I installed Microsoft Outlook, added the account and Bingo, Validation result = PASS.