DomainKeys is a sender authentication technology used to prevent spammers from spoofing mail headers and launching phishing attacks. Domain Key adds Digital signature to all the Outgoing mail to Internet and receiver domain will validated the receiving emails from the DNS TXT record.
Domain owners has to generate public and private key pair and Public key is published in the DNS as TXT record and private key is used to sing on the receiver outgoing emails. With Digital Signature receiving Domain verifying the incoming emails from the legitimate mail server for that domain. The sender of an email message is authenticated
by querying the sending domain’s DNS TXT records. This prevents external spammers to forge the header and send spam mails.
Below is the example of the domain key DNS TXT Entry
Selector._domainkey.domain.com IN TXT “k=rsa; t=y; p=ABCXYXWITHADASDFWv60IpRT/AduJ6tGqHwuCW0ycbc68yNxnhpqAT5aILkUB7uAmQV17jykxr6YG2Wwq
If Domain key fails in the receiving domain then suitable action will be taken bases on the configuration of the receiving domain.
If sender domain is not configured with domain key then receiver will not find digital signature then emails are processed normally
Steps to Implement
1. Generate Public Key and Private Key
2. Public private in the Internet DNS TXT record for the domain in the test mode (t=y as given in the above example)
3. http://domainkeys.sourceforge.net/selectorcheck.html – Test the configuration from the link
4. Bring into live
Below link will provide you more details on the below domain key and testing of the same