Support for DKIM in Messaging Server
Last updated on AUGUST 01, 2017
Applies to:Oracle Communications Messaging Server - Version 6.3 and later
Information in this document applies to any platform.
DomainKeys Identified Mail (DKIM) allows senders to associate a domain name with an email message, thus vouching for its authenticity. This is done by "signing" the email with a digital signature, a field that is added to the message's header. A "signature" is generated by the sending mail transfer agent (MTA) using an algorithm, applied to the content of the signed fields, which creates a unique string of characters, a "hash value." When the signature is generated, the public key used to generate it is stored at the listed domain. After recieving the email, the recipient MTA can verify the DKIM signature by recovering the signer's public key through DNS. It then uses that key to decrypt the hash value in the email's header and simultaneously recalculate the hash value for the mail message it recieved. If these two match, then the email has not been altered. This gives users some security knowing that the email did actually originate from the listed domain, and that it has not been modified since it was sent."
It is possible to digitally sign and verify emails using the DKIM technology through the use of a third party DKIM milter server, for example dkim-milter and the milter-client plugin provided with Messaging Server 6.3 or higher. Please note that since DKIM is a third party product, we do not support it in of itself.
$ ./opendkim -V
opendkim: OpenDKIM Filter v2.8.4
Compiled with OpenSSL 1.0.1e 11 Feb 2013
libmilter version 1.0.1
Supported signing algorithms:
Supported canonicalization algorithms:
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms