Configure DKIM for Outgoing Email

You can use DomainKeys Identified Mail (DKIM) to authenticate your outgoing white-labeled email.

The email is marked trusted, and receiving mail exchangers can verify that it is coming from an authorized source. For more information, see http://www.dkim.org/.

GoodData uses OpenDKIM. For more information, see http://www.opendkim.org/.

DKIM must be configured on two sides, yours and GoodData’s.

There are two possible scenarios of setting up DKIM:

Using a specific private key to sign emails

  1. You send your private key to the person managing the white-labeling process with GoodData Support.

  2. You provide information which DKIM selector on which domain you use, so that the public key can be verified.

  3. We add your private key to the configuration of our email servers.

Once all the steps are completed, your outgoing emails are signed. If you use Gmail, you will see a “signed-by: your_domain.com” message in your email.

Using a GoodData shared key to sign emails

  1. You contact GoodData Support with a request for a DNS record with a public key.

  2. We provide you with a DNS record with a public key.

  3. You add the key to the DNS records of your domain.

  4. (Optional) Add include:relays.gooddata.com into your Sender Policy Framework (SPF) record to ensure that GoodData mail relays are authorized to send emails. To get email relay addresses, use the following dig commands:

    $ dig relays.gooddata.com
    $ dig TXT relays.gooddata.com
    

Once all the steps are completed, your outgoing emails are signed. If you use Gmail, you will see a  “signed-by: your_domain.com” message in your email.