What are DKIM (Domain Keys Identified Mail) Records?
Domain Keys Identified Mail (DKIM) records allow a recipient to validate a sender as the owner of an email message. Domain Keys use public key encryption to apply digital signatures to email, this allows verification of the sender as well as of the integrity of the message in question. DK/DKIM records are generated by your email service provider and created as TXT Records within Constellix. Visit the Domain Key public website to learn more.
DKIM Record Fields
|Name||This will be the host name for the record, typically a computer or server within your domain. It is important to note, the domain name is automatically appended to the “Name” field of the record. For example, defining www.example.com in DNS would be creating an A record with the name field of “www” within the example.com domain. If the “Name” field is left blank, it represent the root record of the domain. The root record for the base domain can also be referred to as the apex record and is represented in a @ symbol in some documentations. Typically DKIM records would have a blank name field.|
|Value||The DKIM string for your domain.|
|TTL||The TTL (Time to Live) in seconds is the amount of time the record will cache resolving name servers and in web browsers. The longer the TTL the less frequent remote systems will lookup the DNS record and the less query traffic the domain receives. The shorter the TTL the faster DNS changes propagate in servers that have cached data, however the higher the volume of query traffic the domain receives.
Records configured with Failover or that change often should have TTL’s set anywhere from 180 to 600 (3 to 10 minutes cache).
Records that are static and don’t change often should have TTL’s set between 1800 (being on the low end) to 86400 seconds (30 minutes to 1 day cache).
If a change is needed for a record with a high TTL, the TTL can be lowered prior to making the change and then raised back up again after.