What is DKIM

DKIM stands for DomainKeys Identified Mail and is used for the authentication of an email that’s being sent. It is a stronger version of SPF which requires a little additional setup. 

OpenCRM needs to be able to prove that it is allowed to send an email on your behalf by signing your emails with a key which matches one setup on your domain. (The difference with SPF is that you just tell your domain that OpenCRM's server is allowed to send on your behalf).

Additionally DKIM allows the receiving server to prove that the email has not been changed between it leaving OpenCRM and arriving at its recipient's mailbox.

Some config is needed to setup the DKIM keys in OpenCRM and the matching key in your domain.

This is achieved using public and private key pair, the public key is added to your DNS so mail servers and clients can confirm the email hasn't changed, and the private key is stored encrypted in your OpenCRM system

An additional level of security called DMARC allows you to specify on your domain that ALL emails sent from your domain must be DKIM signed. If you have this setup or don't but would like to, then it is important that you setup OpenCRM with DKIM. 

Getting Technical!

The private key is used to generate the signature based on the content of the email, the public key is used to verify it but can't be used to sign it

As the private key can only be held on systems authorised to send emails this also verifies that the email came from a trusted source.

See: Configuring OpenCRM to Send Emails Using DKIM


Need More Help?

If you have any questions, just start a Live Chat, "Click" on the Chat Icon in the lower right corner to talk with our support team.