DomainKeys

Axigen Documentation

DomainKeys authentication can be configured by using advanced acceptance / routing rules. Axigen now implements both built-in DomainKeys and DomainKeys Identified Mail technologies.


For each DomainKeys process, signing and verifying, a SMTP filtering rule needs to be configured in your AXIGEN Mail Server, via the WebAdmin interface, under "Security & Filtering" -> "Acceptance & Routing" -> "Advanced Settings" -> click "Add Acceptance / Routing Rule".

For DomainKeys signing, the rule should be:

  • Conditions:

    • Match any email message

  • Actions:

    • Select "DK - DK Key Path" from the "Actions" list, click "Add Action";

    • Fill in the "DK Key Path" field with the path to your private key file;

    • Select "DK - DK Selector" from the "Actions" list, click "Add Action";

    • Fill in the "DK Selector" field with the name of your DomainKeys selector, as configured in your DNS server;

    • Select "DK - Sign Domain Key" from the "Actions" list, click "Add Action" - "Save Configuration"

For DomainKeys verifying, the rule should be:

  • Conditions:

    • Match any email message

  • Actions:

    • Select "DK - Check Domain Key" from the "Actions" list, click "Add Action";

    • "Save Configuration"

Make sure you use suggestive "Rule names" for the above rules. For example: "DomainKeys-sign" and "DomainKeys-verify".

To use DKIM technology (DomainKeys Identified Mail), similar rules can be defined. The only difference is that you need to select the actions containing "DKIM". For example: "DKIM selector" instead of "DK Selector" / "Sign DKIM" instead of "Sign Domain Key".

Please note that your DNS must be configured accordingly in order to implement domain keys signing.

To learn more about the benefits of implementing DomainKeys or DKIM, please refer to: