Sender Configuration Options

By Ellen Siegel  |  Posted 2009-05-06 Print this article Print

Sender configuration options

There are a number of variables that must be considered when setting up DKIM for outbound e-mail. Most of these will be discussed in the documentation for your selected implementation, but we'll highlight a few here as well. There are four main choices to make:

1. What encryption algorithm to use - You should use the rsa-256 encryption algorithm recommended by the DKIM specification.

2. What size encryption key to use - Large keys are more secure, but they may also negatively impact performance. The specification recommends a key of at least 1,024 bits.

3. Which parts of your e-mail to sign - In general, you should follow the recommendation in the specification of which headers to include in the signature. In general, you want to include headers that you want to protect (for example, the To, Subject, From, Sender and Date headers) and NOT sign headers that are likely to change during normal processing.

4. The name under which each key record is stored - Key record names include a configurable prefix called a selector that must be unique for each key. This enables domains to use different keys for distinct categories of e-mail (for example, marketing e-mail and corporate e-mail might have different keys), and it also enables periodic replacement of keys to minimize the risk of compromised security.

A DKIM signature provides all of the above configuration information, as well as the signature itself, to the receiver. Here's an example:

A corresponding key record might look like this:

Ellen Siegel is Director of Technology and Standards at Constant Contact. With more than 20 years of experience in online communication technologies, Ellen works to define and drive the adoption of industry best practices and standards to help fight spam, support legitimate e-mail, and enable Constant Contact to serve the growing needs of small businesses and organizations. Ellen is a board member and technical committee co-chair for the E-mail Sender and Provider Coalition (ESPC) and an active member of the Messaging Anti-Abuse Working Group (MAAWG). She can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel