Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Configuration > Archive > DKIM - Multiple Domains

[F] Alt-N Discussion Groups / MDaemon Discussion Groups / MDaemon Configuration / Archive /

DKIM - Multiple Domains

[Hollyman, Chris]
Chris Hollyman
Newbie
Newbie
Posts: 9
Chris Hollyman - 07:22pm, Sep 7 2021

Hi,

This is a question about DKIM. I have read the documentation, whether I understand it or not is another questions, and I have a question about multiple domains.

I host around 30 domains on my Mdaemon server. I would like to start to use DKIM however I am confused as to how to do that for each domain selectively. I "think" I want to have a selector that matches a domainkey from that domains' DNS record. At the moment if i create a new selector for a clients domain, the suggested DNS entries are always selectorname._domainkeys.mydomain.com and I would like selectorname._domainkeys.clientsdomain.com

I want each domain to be able to have its own DNS TXT record that corresponds to a selector. Am I way off with this or can you suggest what I do?

Thanks

Chris

  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Arron Caruth - Sep 8, 2021 7:30 am (#1 Total: 1)  

Guest User  

Photo of Author
Posts: 1
You are exactly right.

You need to create a DNS TXT record for each domain at $SELECTOR$._domainkey.$DOMAIN$.  Notice it should be "_domainkey" not "_domainkeys".

You can either create a single selector in MDaemon and use it for all domains, or create a selector for each domain, or you could break it up even smaller, but this gets harder to configure.  I'd suggest either a single selector for all domains or a unique selector for each domain.  

To create a selector open MDaemon and go to Security / Security Manager / Sender Authentication / DKIM Signing, check the box for Sign eligible outbound messages using DKIM.  In the Default Selector drop-down type the name of the selector you want to use, then click Create new public and private keys.  A text box will open with the information for creating the DNS record. 

After creating all the DNS records, you can make all messages eligible for signing by checking the box for "All Messages from local domains are eligible for signing."  This will sign all messages from local domains using the default selector.  

If you want to configure a different selector for domains, click the button for Define which messages are eligible for signing.  In the editor that opens enter the following for each domain:

from *@$DOMAIN$ s=$SELECTOR$

Where $DOMAIN$ is replaced by the actual domain name and $SELECTOR$ is replaced by the selector name you created earlier for the domain.

--
Arron Caruth
Vice President of Product Development
o: 817-601-3222    e: Arron.Caruth@mdaemon.com

MDaemon Technologies
Simple Secure Email

Visit us on www.mdaemon.com | Facebook | LinkedIn | YouTube
Sent using the MDaemon Email Server

On Tue, 7 Sep 2021 19:22:38 -0500, "lists-md-configuration@mdaemon.com (Chris Hollyman)" <lists-md-configuration@mdaemon.com> wrote:
Hi,

This is a question about DKIM. I have read the documentation, whether I understand it or not is another questions, and I have a question about multiple domains.

I host around 30 domains on my Mdaemon server. I would like to start to use DKIM however I am confused as to how to do that for each domain selectively. I "think" I want to have a selector that matches a domainkey from that domains' DNS record. At the moment if i create a new selector for a clients domain, the suggested DNS entries are always selectorname._domainkeys.mydomain.com and I would like selectorname._domainkeys.clientsdomain.com

I want each domain to be able to have its own DNS TXT record that corresponds to a selector. Am I way off with this or can you suggest what I do?

Thanks

Chris

View/reply at DKIM - Multiple Domains
--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To 
unsubscribe from this mailing list send an email to 
md-configuration-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!------------------------------------------------

---------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user 
support and discussion.  MDaemon staff members may participate in the 
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical 
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
---------------------------------------------------------------------


--MD-Configuration---------------------------------------------------
This list is for questions about the configuration of MDAEMON. To
unsubscribe from this mailing list send an email to
md-configuration-unsubscribe@mdaemon.com .
--POWERED BY MDAEMON!------------------------------------------------

---------------------------------------------------------------------
These forums are provided by MDaemon Technologies for user-to-user
support and discussion.  MDaemon staff members may participate in the
forums periodically but please recognize that this is not the official
method of receiving technical support. To receive personal technical
support please use the form here:
http://www.mdaemon.com/Support/RequestSupport/
---------------------------------------------------------------------



  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items


 Content:

Read New | Search

 Guest:

Email to Admin

You are visiting as a Guest user.