Knowledgebase

Enabling DKIM Email Signing

Enabling DKIM Email Signing

DKIM “provides a method for validating a domain name identity that is associated with a message through cryptographic authentication” (www.dkim.org).

You enable DKIM email signing for domains that use the Plesk DNS server and those that use an external DNS server in a different way.

Enabling DKIM Email Signing for Domains That Use the Plesk DNS Server

To enable DKIM signing of outgoing email, go to Websites & Domains > Mail Settings of a domain, select the Use DKIM spam protection system to sign outgoing email messages checkbox and click OK.

If you have activated DKIM for a domain, Plesk adds the following two records to the DNS zone of the domain (example.com stands for your domain name):

  • default._domainkey.example.com - contains the public part of the generated key.
  • _ domainkey.example.com - contains the DKIM policy. You can edit this policy.

Enabling DKIM Email Signing for Domains That Use an External DNS Server

If you use an external DNS service, DKIM signing will work for outgoing messages, but the receiving mail server will not be able to validate these messages. As a workaround, you can switch off Plesk DNS server and add a corresponding DKIM-related DNS record on the external DNS service. In this case, the receiving server will be able to validate the messages. 

SPF and DMARC Policies for Outgoing Mail

In addition to DKIM, Plesk supports SPF and DMARC policies for outgoing mail. DMARC carries out the specified policy as to how to treat email messages depending on the results of the DKIM and SPF checking. By default, DMARC uses general policy, and messages that did not pass checking are not deleted. You can use stricter policy. For example, you can specify that it is necessary for a message to pass both SPF and DKIM checking to be accepted by the recipient mail server.

You can change the SPF and DMARC policies for your domain in the domain’s DNS settings.

To set up DMARC or SPF policy for your domain:

Go to Websites & Domains > navigate to the domain > DNS Settings and edit the DNS records related to SPF or DMARC. For example, this record contains the default DMARC policy:

_dmarc.<your domain>.    TXT    v=DMARC1; p=none

For information on DMARC and SPF, including policy notations, refer to:

  • plesk
  • 4 Users Found This Useful
Was this answer helpful?

Related Articles

Connecting using PuTTY on Windows workstations

Configuring PuTTY In PuTTY, under Session, enter your Host Name Under Connection choose Data...

How to install the php-mcrypt module on a Plesk server

Question How to install the php-mcrypt module on a Plesk server? Answer Notes: The solution in...

Windows: Accessing Your Server with Remote Desktop

This article explains how to use Remote Desktop to access your Windows server’s desktop from...

What is Reverse DNS?

Reverse DNS (rDNS) is name resolution that looks up an IP addresses to obtain a domain name,...

What is Reverse DNS?

Reverse DNS (rDNS) is name resolution that looks up an IP addresses to obtain a domain name,...

Need help? We're always here for you.