With this Free TOOL you can Generate working DKIM keys for your email on any server so long as you have access to the providers DNS control panel and are able upload a private key to the server. This part is Critically important as your DKIM Public Key has to match the private key. Here’s why: If you are sending mail with a DKIM enable mail server, your mail is sent signed with:

  • 1.The Dkim Private Key for your domain.
  • 2.The Dkim Public Key Selector at your domain.

    • If you send a test to gmail you should be able to see this information if you look at the RAW message.It should look something like this:

    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=DOMAIN.NAME ; s=Your Selector; h=Content-Type:M ….


    If you have it all in place with your SPF and DMARC you should also see this:


    dkim=pass header.i=@DOMAIN.NAME header.s=your Selector header.b=gWREbeX6;


    spf=pass (google.com: domain of bill.noble@nettrac.net designates 69.165.80.6 as permitted sender) smtp.mailfrom=Your Email address;


    dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=YOUR DOMAIN


    If you don’t see the dkim part you will see a note indicating DKIM FAIL.

    To fix this feel free to use our DKIM wizard for 1024 and 2048 bit keys.

    It will provide the proper Public key and the associated private key.

    If you choose 2048 it will be properly formatted for BIND 9 and MS Active Directory Name Servers with the proper syntax to paste into your DNS. See note below on 2048 bit Key pairs and public key Syntax/ REMEMBER though that you should check with your mail provider to make sure that you can upload and use the Private key we generate for you. IF they can not and don’t have a tool for you to use for DKIM then you likely should do some serious testing as above.


    If you need assistance feel free to contact us about any SPF, DMARC or DKIM issues. Email us at email_deliverability_tools@nettrac.technology.


    2048DKIM keys. NetTrac’s DKIM TOOL has 2048 Bit DKIM Public keys. If you have generated your DKIM key to be 2048 bits then we will give you the working syntax for BIND and Microsoft nameservers as they only allow a maximum of 255 characters in a TXT value field whereas the 2048 bit key exceed s this value. We will break this up into smaller pieces with the correct BIND 9 syntax so you should be able to just cut and paste it into your DNS. Lets begin.



    DKIM WIZARD


    About Adding BIMI Records:

    Email Brand Indicators to increase email engagement and trust.

    Your domain must already have completed full DMARC enforcement. DKIM, SPF, DMARC recordsmust be in place before addng BIMI

    Steps:

  • 1. Create an SVG image that is perfectly sqaure say 20 x 20 pixels
  • 2. Upload that image to a spot on your website.
  • 3. Add a record that has a host value of "default._bimi" or "default._bimi.yourdomain.com."
  • 4. The Value should look like this: "v=BIMI1; l=https://www.your-domain-name.com/your-image-name.svg;" That is all there is to it. Beware of any mail service that charges a fee for hosting BIMI records.At NetTrac this free and always will be.

    • That is all there is to it. Beware of any mail service that charges a fee for hosting BIMI records.

    At NetTrac this free and always will be.