Help Center

Adding a DKIM Signature

DomainKeys Identified Mail (DKIM) is an email authentication standard that allows you to sign email messages from your domain with a digital signature using public-key cryptography. By adding a DKIM signature to messages sent through the MailChannels Send API, you can prevent others from spoofing your domain, if used in combination with a sufficiently strong Domain-based Message Authentication, Reporting & Conformance (DMARC) policy.

To add a DKIM signature to a message, add the following fields to the personalization object for the message:

  • dkim_domain: This is the domain (d=) field for the DKIM signature. To pass DMARC, this should be aligned with the domain in the From header address.
  • dkim_selector: This is the selector (s=) field for the DKIM signature. It specifies where to find the associated public key in the DNS - see the DKIM specification for more details.
  • dkim_private_key: The base-64 encoded private key.

See below for a full example of sending a message from a Cloudflare Worker with a DKIM signature:


addEventListener("fetch", event => {
    event.respondWith(handleRequest(event.request))
})



async function handleRequest(request) {

    let send_request = new Request("https://api.mailchannels.net/tx/v1/send", {
        "method": "POST",
        "headers": {
            "content-type": "application/json",
        },
        "body": JSON.stringify({
            "personalizations": [{ 
                "to": [ {"email": "test@example.com",
                          "name": "Test Recipient"}],
                "dkim_domain": "example.com",
                "dkim_selector": "mcdkim",
                "dkim_private_key": "<base64 encoded private key>"
            }],
            "from": {
                "email": "sender@example.com",
                "name": "Test Sender",
            },

            "subject": "Test Subject",
            "content": [{
                "type": "text/plain",
                "value": "Test message content\n\n" + content,
            }],
        }),
    });


    let respContent = "";
    // only send the mail on "POST", to avoid spiders, etc.

    if( request.method == "POST" ) {
        const resp = await fetch(send_request);
        const respText = await resp.text();

        respContent = resp.status + " " + resp.statusText + "\n\n" + respText;
    }

    let htmlContent = "<html><head></head><body><pre>" +
        "</pre><p>Click to send message: <form method="post"><input type="submit" value="Send"/></form></p>" +
        "<pre>" + respContent + "</pre>" +
        "</body></html>";

    return new Response(htmlContent, {
        headers: { "content-type": "text/html" },
    })
}

 

Reference documentation is available at https://api.mailchannels.net/tx/v1/documentation

Cloudflare has some documentation on creating a DKIM record here: https://www.cloudflare.com/en-ca/learning/dns/dns-records/dns-dkim-record/. There are various services that will help you create a DKIM key pair if you do not already have one. Here are a few:

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Please sign in to leave a comment.