What is DKIM
DKIM stands for DomainKeys Identified Mail. It is an email authentication method used to verify the authenticity of an email message and detect email spoofing or tampering. DKIM allows the sender to digitally sign their outgoing emails using cryptographic signatures.
When an email is sent with DKIM, the sender’s domain adds a digital signature to the message header using their private key. The recipient’s mail server can then use the public key published in the sender’s DNS (Domain Name System) records to verify the signature.
The DKIM signature includes a hash of specific email header fields and the email body. If any modifications are made to the message during transit, the signature verification will fail. This helps to ensure the integrity and authenticity of the email.
In NetSuite, emails from NetSuite will look like sent with the sender’s address and name, but from [email protected]. This kind of emails could be rejected by some email service providers.
How to Set Up DKIM for your NetSuite account
NetSuite Setup
- With Administrator access, go to SETUP > COMPANY > EMAIL PREFERENCES.
- In the “Domain Keys” tab, you can enter a test email in the “Email Address to Receive Test Response” field. You will receive an Authentication Report once the configuration is completed.
- Click on the “Generate Key Pair” button to have NetSuite generate a private and public key for you.
- Next, you’ll need to enter a Domain Selector and a Domain Name.
- The NetSuite help documentation describes Domain Selector as: “In this field, enter where the public key is located in the DNS entry of the domain. Do not include the ._domainkey suffix that you include when setting up your domain with your domain provider. This is the same domain selector you enter when setting up the domain with your domain provider”. In this case, I put the domain name without dot net here, like
netsuiteful. - Enter the domain name that you wish your emails look like to be sent from, like
netsuiteful.com - Tick the active box.
- The NetSuite help documentation describes Domain Selector as: “In this field, enter where the public key is located in the DNS entry of the domain. Do not include the ._domainkey suffix that you include when setting up your domain with your domain provider. This is the same domain selector you enter when setting up the domain with your domain provider”. In this case, I put the domain name without dot net here, like
- Once you enter these values, you can submit the line and click the “Generated DNS Entry” to see the official DKIM information. Keep the popup window open until you complete the whole configuration process.
DNS Provider Setup
Go to your domain control panel and add 2 TXT records to your DNS records.
Add DKIM
Copy what you got from the last step and create a DNS record below:
Name: netsuiteful._domainkey
Value: v=DKIM1;k=rsa;p=ABCDEFGHIJKabcdefghjk
Add/Edit SFP
You are very likely to see this DNS record below. You may create it by yourself if no SFP exists
Name: netsuiteful.com
Value: v=spf1 include:spf.protection.outlook.com ~all
Add include:sent-via.netsuite.com between v=spf1 and trailing ~all, and do not forget to place a space around every include: then you are good to go.
Comments