Home Explore Help
Sign In
bachir
/
materio-base-d7
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ccab226e12
Branches Tags
materio-base...
/
sites
/
all
/
libraries
/
phpmailer
/
docs
/
DomainKeys_notes.txt

DomainKeys_notes.txt 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. CREATE DKIM KEYS and DNS Resource Record:
    2. 

  2. =========================================
    3. 

  3. 

  4. To create DomainKeys Identified Mail keys, visit:
    5. 

  5. http://dkim.worxware.com/
    6. 

  6. ... read the information, fill in the form, and download the ZIP file 
    7. 

  7. containing the public key, private key, DNS Resource Record and instructions
    8. 

  8. to add to your DNS Zone Record, and the PHPMailer code to enable DKIM
    9. 

  9. digital signing.
    10. 

  10. 

  11. /*** PROTECT YOUR PRIVATE & PUBLIC KEYS ***/
    12. 

  12. 

  13. You need to protect your DKIM private and public keys from being viewed or
    14. 

  14. accessed. Add protection to your .htaccess file as in this example:
    15. 

  15. 

  16. # secure htkeyprivate file
    17. 

  17. <Files .htkeyprivate>
    18. 

  18.   order allow,deny
    19. 

  19.   deny from all
    20. 

  20. </Files>
    21. 

  21. 

  22. # secure htkeypublic file
    23. 

  23. <Files .htkeypublic>
    24. 

  24.   order allow,deny
    25. 

  25.   deny from all
    26. 

  26. </Files>
    27. 

  27. 

  28. (the actual .htaccess additions are in the ZIP file sent back to you from 
    29. 

  29. http://dkim.worxware.com/ 
    30. 

  30. 

  31. A few notes on using DomainKey Identified Mail (DKIM):
    32. 

  32. 

  33. You do not need to use PHPMailer to DKIM sign  emails IF:
    34. 

  34. - you enable DomainKey support and add the DNS resource record
    35. 

  35. - you use your outbound mail server
    36. 

  36. 

  37. If you are a third-party emailer that works on behalf of domain owners to
    38. 

  38. send their emails from your own server:
    39. 

  39. - you absolutely have to DKIM sign outbound emails
    40. 

  40. - the domain owner has to add the DNS resource record to match the 
    41. 

  41.   private key, public key, selector, identity, and domain that you create
    42. 

  42. - use caution with the "selector" ... at least one "selector" will already
    43. 

  43.   exist in the DNS Zone Record of the domain at the domain owner's server
    44. 

  44.   you need to ensure that the "selector" you use is unique
    45. 

  45. Note: since the IP address will not match the domain owner's DNS Zone record
    46. 

  46. you can be certain that email providers that validate based on DomainKey will
    47. 

  47. check the domain owner's DNS Zone record for your DNS resource record. Before
    48. 

  48. sending out emails on behalf of domain owners, ensure they have entered the 
    49. 

  49. DNS resource record you provided them.
    50. 

  50. 

  51. Enjoy!
    52. 

  52. Andy
    53. 

  53. 

  54. PS. if you need additional information about DKIM, please see:
    55. 

  55. http://www.dkim.org/info/dkim-faq.html
    56.