Do you offer DKIM signing and support?

Yes - we do offer a function to DKIM sign your emails.

What is DKIM signing?

DKIM (DomainKeys Identified Mail) allows email senders to 'sign' their messages and for recipients to be able to 'verify' that those messages are genuine. It is mainly designed to reduce spoofing/faking of the sender's email addresses or message content - it does not automatically guarantee delivery but it can improve deliverability.

Email messages signed with DKIM would include a 'DKIM-Signature' field in the header - this is essentially a cryptographic signature of various parts of the message. When the recipient's email system receives the message it would decrypt this signature using the sender 'public key' which is published as part of the sender's DNS record.

What parts of the message do you sign?

We DKIM sign the following elements of each message:

Header From Address
Header To Address
Header Reply-To Address
Header Subject Line
Header Message ID
Message Body (including attachments)

IMPORTANT: As per the RFC / DKIM standards it is very important that you only include one of the above in each message. If you include duplicate header fields (i.e. Multiple 'To:' header fields) we will only sign the last one, all others with be ignored and your message may fail DKIM verification upon delivery.

Do you use a shared DKIM key?

No - we issue a unique DKIM key for each domain name so your DKIM reputation cannot be affected by other senders.

Will this affect the email I send from my domain name via other providers or servers?

No - the DKIM key uses an AuthSMTP specific 'selector' and the signing will only apply to messages sent via your AuthSMTP account.

How do I enable DKIM signing on my account?

DKIM is enabled on a per domain basis - to enable DKIM on your domain names please log in to the control panel and go to 'Advanced Config' -> 'DKIM Signing'.

What if I sign the messages myself?

When sending emails via AuthSMTP you can use DKIM-compliant email applications/libraries to pre-sign your email messages before sending them to us. If doing this we recommend you check which parts of your messages need signing and testing fully before using them in a production environment.

Emails sent through AuthSMTP with DKIM signatures already in place will pass through unmodified even if you ask us to DKIM sign the messages.

For more (specific) information on DKIM see the official DKIM Website.

What can go wrong?

The following common issues will prevent your messages from being signed (but not limited to):

If we enable DKIM signing on your account and then you DKIM sign the messages yourself before submitting them to us we will not re-sign them again, they will just pass through unmodified.
Always send DKIM-signed emails using quoted-printable (preferred) or base64 encoding. Using 8-bit encoding is not safe / compatible — it can lead to message corruption or altered line endings during transit, especially when relayed through mail servers that don’t fully support 8-bit MIME. Such changes can invalidate the DKIM signature, resulting in verification failures or delivery issues with receiving mail systems.
The line length in your email content must comply with RFC standards. The absolute maximum is 998 characters per line, including any line breaks. Exceeding this limit can cause DKIM verification to fail and may lead to the message being filtered or rejected by receiving mail systems. For best results, keep line lengths well below the maximum.
If the DKIM public key is removed from your domain’s DNS after setup, your outgoing messages will still be signed but will fail DKIM verification on receipt. This mismatch can cause receiving mail systems to reject the message outright or deliver it to the spam or junk folder.
Our systems have several redundancy features in place that trigger in the event of an outage or extreme spike in mail flow/resource usage, in the event of certain types of issues we may not DKIM sign messages to preserve the flow of email. This is unlikely, but a requirement to maintain service availability.

Is there any other recommendations when sending DKIM-signed messages?

Yes - there are several other best practices when sending DKIM signed messages:

Setup an SPF record for your domain name.
Setup a DMARC record for your domain name.
Ensure that your message content is standards-compliant and does not include anything that may trigger spam filters.

If you have any questions please contact us.

Are you having a problem sending email or looking for a reliable SMTP server?

AuthSMTP is the outgoing SMTP email service for your e-commerce website, mailing list or email program.

It works on most current computers or devices and solves many of the common problems with sending email such as relaying denied errors or blacklisting issues.

With instant setup, a money back guarantee and very low cost starter accounts you can test and start sending email in minutes with no risk.

View Features