The easiest way to brand and whitelabel your email messages with your own DKIM signature is with the “Custom” signing option. Now available on all SocketLabs On-Demand plan levels, the “Custom” option requires only the establishment of a single CNAME record in the DNS of your domain. The SocketLabs On-Demand Control Panel will perform a verification of your CNAME record before allowing for this feature to be enabled.
Creating a CNAME record is relatively simple process that is handled by the provider that manages your domain’s DNS settings. This could be your website hosting provider, your domain registrar, or a third party service like Amazon’s Route 53.
The benefits of using this method of DKIM whitelabeling is that it allows SocketLabs to remain in control of both the private and public DKIM keys. This allows you to get the benefit of custom DKIM signatures without the hassle of managing and rotating custom DKIM keys yourself. For email experts looking for more refined control on the DKIM signatures of their messages, please see our Advanced DKIM signing option: http://support.socketlabs.com/kb/114/
SocketLabs does not provide technical support for managing your DNS settings, please contact your DNS provider for more information about establishing a CNAME record. SocketLabs is aware that some providers do not support the underscore character “_” in CNAME entries. If your DNS provider does not support this you will be required to use the Advanced DKIM integration option referenced above.
The CNAME entry that should be created is as follows:
dkim._domainkey.yourdomain.com CNAME IN dkim._domainkey.email-od.com
So if your domain were example.com you would create the following record:
dkim._domainkey.example.com CNAME IN dkim._domainkey.email-od.com
Depending on the TTL settings of your DNS records it could take 24 to 48 hours before SocketLabs will be able to verify your CNAME entries. If we are unable to verify your DNS entry then it is likely that mailbox providers will also be unable to verify your entry. DKIM signatures without the matching DNS entries could hurt inbox placement rates so patience is required.
Important note: Custom DKIM signatures will only be applied to messages that have a Purported Responsible Address (PRA) at the domain in which a custom signing option has been established. In most cases the PRA is the From Address, or the Sender Address.
For more information about DKIM authentication technology please see our other knowledgebase article: http://support.socketlabs.com/kb/112/
For more information about SPF authentication please see our related knowledgebase article: http://support.socketlabs.com/kb/98/
Further questions about DKIM signing and email authentication can be directed to SocketLabs Support Department: Support@socketlabs.com