DKIM works by adding a digital signature to outgoing email messages. This signature can be verified by the receiving email server, which can then determine whether or not the message has been tampered with during transit. In order for DKIM to work, the sending email server must generate a cryptographic signature, which consists of a private key and a public key. The private key is used to sign outgoing email messages, while the public key is published in the Domain Name System (DNS). When an email message is signed with DKIM, the signature is added as a header to the message. The receiving email server can then use the public key to verify the signature and confirm that the message has not been altered.
Steps to Configuring DKIM Record for Blackbaud
To obtain your DKIM keys and enable DKIM authentication for your domains, contact Blackbaud support staff. You will receive a DKIM key pair from Blackbaud’s support that will include:
A DKIM public key: which should be published in your public DNS.
A DKIM private key: used by Blackbaud to sign your outgoing emails.
How to Get Your DKIM Public Key Available for Blackbaud
Once you have received your public key from Blackbaud support staff follow these steps to publish your DKIM Key
Log in as the administrator to your DNS provider’s administration console.
Go to the DNS records section of each of your domains.
Depending on the type of DKIM record that has been provided to you, create a TXT or CNAME record.
Copy and paste the hostname and value
Save your record’s changes and wait 48–72 hours for your DNS to take effect.
You can use Skysnag’s free DKIM Checker to check the health of your DKIM record here
Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.
