Originally developed at Yahoo!, DomainKeys Identified Mail has become a global standard in email security and is, together with its sister SPF, absolutely necessary to implement by anyone serious about mailing, especially if you want to send blast emails. In this post, we’ll show you how to setup DKIM and make your email more secure.
What is DKIM?
DomainKeys Identified Mail, or DKIM, is an authentication protocol that links a domain name to a message. The protocol allows you to sign your email with your domain name. The purpose of the DKIM protocol is not only to prove that the domain name has not been usurped, but also that the message has not been altered during transmission.
DKIM is in theory quite simple. It relies on asymmetric encryption and therefore works with any tool developed for such a use. First one has to generate a private/public key pair. Then the public part of the key has to be put as a TXT record to the domain which is used as the sender address. The private key is then used to create a signature for each email. The signature is basically a hash code and computed by taking the content of the email and combining it with the private key using a security algorithm. The signature is then saved as a header of the email.
When a receiving SMTP server detects such a header, it looks up the public part of the key by asking the domain name system (DNS) for the TXT record. One of the beauties of asymmetric encryption is that the keys are like brothers: they share DNA. Using the public key, anyone can tell whether the email was sent by the owner of the domain or not. If this check fails or if the header and therefore the signature does not exist, many email service providers raise an alarm and may, depending on the volume of email sent, decide to mark this email as spam or even to block the sender IP address.
Why should you use DKIM?
The reason is quite simple: along with SPF and DMARC, these are the main protocols for verifying the identity of senders. This is one of the most effective ways to prevent phishers and other scammers from posing as a legitimate sender, whose identity they could impersonate using the same domain name.
But this is not the only advantage. In fact, the implementation of these protocols improves email deliverability. Thanks to these protocols, your emails will be better identified by ISPs (Internet Service Providers) and your recipients’ email clients, which improves the chances of your emails reaching your contacts’ inbox and not the Spam folder.
These protocols have become the standard in the email world. A message sent without DKIM and/or SPF can be considered suspicious by the different email analysis tools.
How to set up DKIM in 3 simple steps
1. Setting up: Configuration of DKIM to generate the key pair
With some DNS providers the setup can be quite tedious, but we would be glad to help you out. Just contact our support!
3. Generating and saving the signature
When using Sendmail or Postfix (the world’s two most popular SMTP server), or any other SMTP server that supports milter, you can use a special milter ( = email filter), the DKIM milter. This milter has been released by Sendmail as Open Source and allows to sign emails with a generated private key. Please have a look at the extensive documentation.
How to set up DKIM with Mailjet
To define Mailjet as a legitimate sender, you must configure your SPF and DKIM for each of your sending domains.
Setting up DKIM with Mailjet is very simple. Mailjet gives you the public key to register through your website host interface. There, you can integrate the public key into your registration area.
Here’s an example of how to do it:
You will find all the necessary information and step-by-step process in our documentation. It is so complete, it even includes support guides for each of the main hosting providers (OVH, Gandi, Cloudfare, Hostgator…).
Share your comments and ideas with us on Twitter, and follow us to be the first to receive our news.
This is an updated version of the blog post “How To Set Up DKIM In 3 Simple Steps” published on the Mailjet blog on March 13, 2014.
It’s International Women’s Day and, all around the world, people are celebrating women, discussing equal rights and telling inspiring stories about the meaningful and strong women in their lives.
At Mailjet, we believe we are responsible for creating positive change, and when it comes to women’s rights and opportunities, it can’t be a one-day-only initiative. Yeah, getting the guys to sing Beyonce’s “Who run the world” at our karaoke nights is a start, but there are many other things a company can do to be a great place where women can succeed.
What makes us so special? Our superheroines tell you all about it!
5 Stories That Show How Mailjet Supports Its Women
Empowering strong female leaders
When asked about female role models, most women could probably name several historical figures, but unfortunately, many of them don’t have the opportunity to see women in leadership roles within their own companies. At Mailjet, we place heavy value on equal opportunities and our leadership team, with 50 % female ratio, is a prime example of the amazing things that can happen when diversity is a top priority.
“Mailjet values female talents and equal opportunity, and the 50% female ratio in the top management team clearly shows that. As one of the chief executives in Mailjet, I am humbled by the responsibility to serve as a role model to other female colleagues across our offices worldwide.
I also feel empowered by Mailjet to lead female team-building activities and find it very easy to build a support network of female colleagues within the company who can advise, mentor and help me both professionally and personally.”
“Let’s face it: being a woman in the male-dominated world of deliverability (any tech industry, really) is tough. How many times have you been the only woman in the room? The strong women who came before us fought hard to give us the chance for our voices to be heard. Now is the time for us to embrace this effort, and for women to become the next generation of leaders in tech.
At Mailjet, a good idea is a good idea. Period. It doesn’t matter if the idea came from a man or a woman. That’s how it should be everywhere else.”
Well, just think about the amount of information you get about the emails you send. We’re sure you love all the detailed stats Mailjet offers, but you wish there was just a way the right ones would come to you, so you wouldn’t need to you looking out for them. Well, luckily, there actually is. Today, we’ll tell you all about webhooks, how to set them up and how to use them to drive your email program.
What is a webhook?
Imagine that you have an online store and you want to offer a special discount for anyone opening your email in the first 24 hours. You can do it manually, by checking your email stats regularly and manually sending those who opened the discount code. But that would take you a lot of time, right?
Or you can do it automatically with webhooks, which will trigger a message with the additional discount to anyone that opens your email. Sounds more efficient, right?
Simply said, webhooks are events that trigger an action. In most cases, they are used for communication between systems. This is the simplest way of getting an alert when something happens in another system. They are called webhooks because they work as software hooks over the web.
How do webhooks work?
Let’s take your bank as an example. When you make a withdrawal using an ATM, the machine checks your balance and gives you the amount you requested. Once this operation is done, your balance is updated and this change triggers an action – an SMS is sent with the details of the withdrawal.
That’s how webhooks work. An action serves as a trigger for another action. The rest is a popular architecture used to communicate between systems.
A webhook is a HTTP callback: a HTTP POST that occurs when something happen – an event-notification via HTTP POST. Webhooks are used for real time notifications, so your system can be updated right when the event takes place.
Most commonly, webhooks are HTTP callback points that are defined by the user. They allow you to register an http:// or https:// URL where the event data can be stored in JSON or XMLformats. After that, you will be able to do what you want with the data you retrieve and store from a certain event.
The core mechanics of webhooks consist on making an HTTP request to a user’s specified URL. A webhook makes an HTTP callback to a URL that has to be configured by the system which receives the data.
That URL is called webhook endpoint. Webhook endpoints need to be public and it’s important that this URL belongs to the receiving system. The callback is triggered whenever there is an event you’d like to notify another system about.
For Mailjet, this webhook is a URL you can add in our system, so you can receive email events, such as “sent” “open, “clicked”, “bounce”, “block”, “spam” or “unsubscribe”. This way, you can either track your messages the whole path, of your message or just “listen” for the status you want.
Let’s go back to the ATM example. When you make the withdrawal, your bank is notified and updates your balance, which is the indication for the system to send you an SMS with all the details.
Webhooks work on the same concept. The ATM is a third-party app/site (webhook provider) that sends a signal when a specified event occurs. The system that sends you the SMS is what is known as the “listener”. The listener is the URL that receives the webhookscalls and performs a predefined action after that – in this case, sending the SMS. Webhooks are a programming mechanism designed to receive data that originates in some external system, in real time. In this case, that system is the bank account. Is it clearer now?
But what sort of things can you do with webhooks? Among other things, you can:
Synchronize systems in real time;
Send any kind of notification;
Process the data however you want;
And almost anything else you can think about!
Why do we need webhooks?
There are two ways your apps can communicate with each other to share information: pollingand webhooks. In our example with the bank, polling would be going to your bank and asking what your balance is each time you make a withdrawal.
Nowadays, everyone needs a simpler way to get data out in real time, so they can easily do whatever they want with it. That means, no polling every minute for large exports that your system would then need to parse, risking a system overload or losing the data if there’s a bug. Using HTTP is a simpler and easier solution, as webhooks are automated messages sent from apps when something happens.
Source: Cloud Elements – check out their post to learn more about the difference between polling and using webhooks.
There are two ways you can use webhooks:
To receive the event information and store it;
To receive the event information and pass it on;
Let’s look into these two scenarios closer.
To receive the event information and store it:
The so called “push” is the simplest way to use webhooks. As we already mentioned, there is no need to be polling your data every few minutes to find out if there is new information. You can just get the new information directly by using webhooks. You will be able to store it till you need it for something else. Basically, the system you configured with your webhook will PUSH the information you need when it arrives.
To receive the event information and pass it on:
The so called “pipe” happens when your webhook not only receives the information for which it listens, but goes on to do something new with it, like triggering actions. You could create a script, register its URL on your site, and send an email when a visitor creates an account. Or create a script that updates the quantity of products available every time a new purchase is made.
With webhooks, you can actually do whatever you want or need! And it is simple and efficient, because you are not wasting your time requesting for enormous amount of data – you are receiving the new data when it arrives!
How can you use webhooks with Mailjet?
With webhooks, you can easily receive each open or click event right after it happens, or track bounces and blocks as they happen. Imagine that in 15 minutes more than 60% of your emails to a destination are blocked? Thanks to the events you are receiving in real time, you’ll be able to detect this immediately and take action.
You can always use the events to create your personalized dashboard in whatever internal application you use, to process the data you want as you wish. You’ll only have the events you need and track the most relevant data. Or you can use the events received on your webhook as triggers for a new email to be send, to create a personalized automated flow for all of your users.
Mailjet event examples
Let’s dig a bit deeper into what the events you receive on those webhooks look like.This is what you’ll get when you receive an open event:
Here you can also see what the error was, in the field “error”. In this case, the error indicates it’s an “unknown user”, which lets you know that it is better not to try and reach out to this user again. This could be used to synchronize two systems to clean your lists from inactives or incorrect contacts.
In shortly, you can do anything with the events you receive from Mailjet. Use them in your configuration and create what you need!
How can you configure a webhook with Mailjet?
First off, you’ll need the URL from the system from which you want to receive the events. Once you’ve got that, everything else is really simple. That URL will accept data and can activate a workflow to turn the data into something useful. There are two ways to configure your webhooks in Mailjet.
Using our API;
Using our interface;
Using our API
You will need to make one simple call to setup the URL you want to use. Here’s the call:
This URL will listen for open events. Each time anyone opens your email you will receive an open event like the one we saw above. Then you can either just store the data or trigger an action, such as sending a new email.
See, it is simple! One call and everything is done. Check out our documentation to get started.
Using our interface
We offer the option to configure the webhook from our interface as well. You can do it from the “My account” page, on the section “Rest API”. You’ll need to choose the option “Event tracking (triggers)”
You’ll be able to add one webhook for all events, or set up specific ones for each type of events.
You will be able also to test the URL you specified to ensure it’s working properly. If all goes well, it will return a 200 OK HTTP. Any other HTTP code will result in our server retrying the request later.
Our system will retry following these rules:
10 attempts, with 30 seconds between each attempt;
After that:10 attempts, with 30 minutes between each attempt;
If none of these attempts work, the URL will be suspended;
Keep an eye on your webhook for any responses other than a 200 OK. 😉
And this is it! You have a functional webhook that can receive your email events. Use this in your configuration to have your own statistics or custom workflows.
Now you know what a webhook is and why this is the easiest way to track any type of events over the web. Just set up your “listener” and decide what to do with the events it catches.
Using Mailjet’s events will help you track everything that happens with your emails. This is the perfect way to clean your lists or to create your own dashboard in your company’s internal application.
If you want to be the first to know about the latest tech trends or how to use Mailjet, follow us on Twitter and Facebook.