What is the purpose of DKIM setup?
Spammers often send emails that claim to be from legitimate email accounts. These emails are usually sent for the recipient to view or to collect sensitive information (password, email address, etc.). The typical 2 types of methods to send spam emails include spoofing and backscatter.
Email Spoofing:
Email spoofing is a method used by spammers to make emails appear to be sent from a legitimate domain/email address that does not belong to them. This is done by forging the email header to make it look legitimate so that the recipient will trust and open the email.
Spammers follow this method because it makes more people view the email due to the seemingly authentic sender. However, sometimes if they try to retrieve sensitive information from users, it can cause serious consequences. By configuring SPF and DKIM, you can detect and avoid spoofing emails. If DKIM is configured, the identity of the domain name associated with each message will be verified.
If the DKIM verification fails, the emails will be rejected according to the DKIM conditions set.
How DKIM Works:
In the DKIM process, the public key is published as a TXT record to the domain's DNS manager (the domain registrar or DNS provider). Each outgoing email contains a unique signature generated using the private key of a specific domain. The receiving email server uses this private-public key combination to verify the source of the email. If the verification fails, the recipient server may reject the email or classify it as spam/forged email based on server behavior.
Enable and use DKIM for your domain to ensure that valid emails sent using YOOV Mail will not be classified as spam on the recipient's end.
DKIM Selector:
The selector is used to identify the public DKIM key details of the domain. It is an attribute of the DKIM signature and is included in the DKIM header of the email. In situations where you need to provide special signature control for different user groups, you can use multiple selectors for a single domain.
After adding the selector and verifying the selector, you need to set it as the default and enable it for the domain. When enabled, all outgoing domain-based emails will be signed by the default selector, unless the user has been associated with a different selector in the user section.