Hi Tamas Nemeth, and welcome to the dmarcian forums!
Your screenshot refers to a tool developed by EasyDMARC for generating a DKIM key pair to implement on an email server.
DKIM (DomainKeys Identified Mail) uses a cryptographic key pair: a private key, which the sending email server uses to sign emails, and a public key record, which the receiving server uses to validate the signature added by the sending server. The tool creates both a private key and a corresponding public key record.
The intent is for you to add the private key to your sending server and the public key record to your domain’s DNS. This requires access to both the sending email servers and your domain’s DNS management – a process known as manual DKIM configuration setup.
In this case, the public key record is added in the following format:
- DNS record type: TXT
- Host name: [selector]._domainkey
- Value: The value of the public record, starting with “v=DKIM1”.
The configuration of the private key on the email server varies depending on the mail transfer agent technology used.
However, manual DKIM configuration is now rarely necessary. Most email sending services are hosted or managed by third parties, such as Microsoft Exchange Online, Sendgrid, Mailchimp, salesforce.com, etc. If a third-party service supports DKIM, it typically includes a straightforward configuration process within their user interface, with steps unique to that service.
For instance, consider Microsoft 365, which uses Exchange Online for email sending. Let’s refer to the dmarcian sender database to review their capabilities:
Microsoft 365 DKIM Instructions
Their instructions make it clear that specific steps are required to configure DKIM within their environment. The same applies to Sendgrid:
Sendgrid DKIM Instructions
Each service has its own specific steps.
I recommend discussing with the person or team that supports your email service to identify and implement the necessary changes. Depending on the service, this might involve steps you complete with an administrator or a support request for the third party to configure on your behalf.
I hope this provides context on managing DKIM and assists you in your DMARC deployment efforts. Good luck!