DKIM attaches a new domain name identifier to a message and uses cryptographic techniques to validate authorization for its presence. The identifier is independent of any other identifier in the message, such in the author's From: field. DKIM is a way of 'signing' emails to prove they came from you. It is a form of email authentication that works via a digital signature and makes it easier to identify spoofed emails. The sending mail server signs the email with the private key, and the receiving mail server uses the public key in the domain's DNS information to verify the signature. One domain can have several DKIM keys publicly listed in DNS, but each matching private key is only on one mail server. When you send emails through the LUCY mail server and have this option enabled, they will be automatically signed.
Step 1: Within the message template of your Attack Scenario, scroll down to "Advanced Email Settings", click on DKIM support and save the changes. A DKIM info box will appear:
Step 2: Then copy the key and create an according DNS entry. Here is how the correct DNS entry looks like with namecheap.com:
Other configuration links for different providers:
Step 3: Validate your settings. Add a mail from a site like http://dkimvalidator.com/ into your DKIM test recipient group, then start the campaign with that group and analyze the results on http://dkimvalidator.com/. If you configured LUCY and the DNS entry correctly, you should see a status like in the following screenshot:
Note: Lucy sends out DKIM-signed emails with "mail.domainkey_" part built-in and before LUCY 3.2 there is no configuration option to change that. Same for the DKIM header, which is fixed.
Here is an example DKIM signature (recorded as an RFC2822 header field) for the signed message:
DKIM-Signature a=rsa-sha1; q=dns; d=example.com; i=user@eng.example.com; s=jun2005.eng; c=relaxed/simple; t=1117574938; x=1118006938; h=from:to:subject:date; b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSb av+yuU4zGeeruD00lszZVoG4ZHRNiYzR
Let's take this piece by piece to see what it means. Each "tag" is associated with a value.
We can see from this email that: