DKIM

Outgoing emails sent through the smtp.forpsi.com server can be signed using DKIM. DKIM signature allows verifying that the message originates from an authorized mail server for the given domain. DKIM is an abbreviation for DomainKeys Identified Mail, which is a technique for email origin verification using asymmetric encryption.

Mail servers often require legitimate emails to have a valid DKIM signature. Therefore, we recommend enabling DKIM signing for outgoing messages.
 
For new hosting accounts that meet the following conditions, DKIM is automatically activated:

  • The domain is in the same customer account as the hosting.
  • The domain uses our DNS servers.

DKIM is also active for most previously created hosting accounts that meet the above conditions.

You can check the DKIM status for your domains in the customer administration.


Activating DKIM

Log in to the customer administration and go to the hosting management section.

How to go to the hosting management


Go to the DKIM tab.
DKIM is activated separately for the main domain and separately for alias domains.
Click on Activate DKIM for the respective domain.

The next steps differ depending on whether you have both the domain and hosting in the same account and whether the domain uses our DNS servers.

Domain and hosting in the same account, DNS FORPSI
If the conditions are met, that is, the domain and hosting are in the same customer account, and the domain uses our DNS, the necessary TXT record is automatically set. Just click Ok.


Domain and hosting in different accounts, DNS FORPSI
If the domain and hosting are in different customer accounts, and the domain uses our DNS, a TXT record will be displayed. You need to add this record to the DNS settings as a TXT type with the appropriate hostname and value (which you can copy using the "Copy value" button).

After setting the TXT record, wait for about half an hour for the changes to take effect. 


Using foreign DNS servers

If the domain uses foreign DNS servers, after clicking Activate DKIM, you must choose whether to activate a 1024-bit or 2048-bit key

It depends on what keys your DNS servers support. Our support can provide you with this information for the most commonly used DNS servers. DNS servers like Acive24.cz, Cloudflare.com, Gransy.cz, Ignum.cz, Onebit.cz, Regzone.cz, Shoptet.cz, Webglobe.cz, Websupport.cz, Wedos.cz, and Wixdns.net support the 2048-bit key.

For others, you need to contact their support to get this information. If you are unsure, select the 1024-bit key. After selecting the key, click "Select."

The public key will be displayed, which you then set in the DNS records administration as a TXT record with the corresponding hostname and value (which you can copy using the "Copy value" button).
After setting the TXT record, wait for about half an hour for the changes to take effect.

After clicking "Ok," a message will appear for the domain, indicating that the TXT record is not set. If you need to view it later, click View public key - TXT record


After setting the TXT record, it is checked whether the TXT record is set correctly and if it needs any corrections. If it is not valid, check the TXT record in the domain's DNS settings

Note: If the domain does not have a TXT record set for DKIM, outgoing emails from this domain will not be signed using DKIM on the server smtp.forpsi.com.

Note: DKIM activation applies only to emails sent through the server smtp.forpsi.com. Signing emails sent from a website using the mail() function or another SMTP server needs to be addressed differently, such as using the phpmailer class for DKIM signing directly via PHP or sending emails from PHP scripts through the smtp.forpsi.com server.

Note: Emails that the smtp.forpsi.com server identifies as spam will not be signed using DKIM.