XWall
The
Mail Filter
                              

CRYPTOFILTER
The
Mail Security
Search on this site Home
 
DomainKeys Quick Start
 

DomainKeys Public/Private Key-pair Generation

  • download TLS/SSL Toolkit
     
  • extract OpenSSL.exe into a direcory of your choice
     
  • in a DOS box type

    openssl genrsa -out dkim-private.pem 1024 -outform PEM

    and then

    openssl rsa -in dkim-private.pem -out dkim-public.pem -pubout -outform PEM
     
  • This results in two files, dkim-private.pem which is the private key and looks like this:

    -----BEGIN RSA PRIVATE KEY-----
    MIIByQIBAAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6lMIgulclWjZwP56LRqdg5
    ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7EXzVc+nRLWT1kwTvFNGIo
    AUsFUq+J6+OprwIDAQABAmBOX0UaLdWWusYzNol++nNZ0RLAtr1/LKMX3tk1MkLH
    +Ug13EzB2RZjjDOWlUOY98yxW9/hX05Uc9V5MPo+q2Lzg8wBtyRLqlORd7pfxYCn
    Kapi2RPMcR1CxEJdXOkLCFECMQDTO0fzuShRvL8q0m5sitIHlLA/L+0+r9KaSRM/
    3WQrmUpV+fAC3C31XGjhHv2EuAkCMQDE5U2nP2ZWVlSbxOKBqX724amoL7rrkUew
    ti9TEjfaBndGKF2yYF7/+g53ZowRkfcCME/xOJr58VN17pejSl1T8Icj88wGNHCs
    FDWGAH4EKNwDSMnfLMG4WMBqd9rzYpkvGQIwLhAHDq2CX4hq2tZAt1zT2yYH7tTb
    weiHAQxeHe0RK+x/UuZ2pRhuoSv63mwbMLEZAjAP2vy6Yn+f9SKw2mKuj1zLjEhG
    6ppw+nKD50ncnPoP322UMxVNG4Eah0GYJ4DLP0U=
    -----END RSA PRIVATE KEY-----
     
  • and dkim-public.pem, which is the public key and looks like this:

    -----BEGIN PUBLIC KEY-----
    MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6l
    MIgulclWjZwP56LRqdg5ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7E
    XzVc+nRLWT1kwTvFNGIoAUsFUq+J6+OprwIDAQAB
    -----END PUBLIC KEY-----
     
  • Copy dkim-private.pem to CERT\PRIV directory
     
  • Define a selector for your DomainKey, in this sample we use mail
     
  • Copy the data of the public key file a TXT record for your domain:

    mail._domainkey IN TXT "k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAKJ2lzDLZ8XlVambQfMXn3LRGKOD5o6l MIgulclWjZwP56LRqdg5ZX15bhc/GsvW8xW/R5Sh1NnkJNyL/cqY1a+GzzL47t7E XzVc+nRLWT1kwTvFNGIoAUsFUq+J6+OprwIDAQAB;"
     

DomainKeys Signing

  • select Options->DomainKeys->Sign and create a new record

    Set the fields as follows:
     
    Comment: Sample Sign
    For messages from e-mail address: *@yourdomain.com
    to e-mail address: *
    use this certificate (file in PEM format): dkim-private.pem

Thereafter the program will sign all messages from your domain to everyone using the private key in the dkim-private.pem certificate.

Forum

At the forum you find DomainKey: How-To

Changed: 2012-01-19 Sitemap
Copyright ® 1996-2012 DataEnter GmbH
Wagramerstrasse 93/5/10 A-1220 Vienna, Austria
Fax: +43 (1) 2020770
support@dataenter.co.at