This article will show you how to set up a sending identity so that Amazon SES generates a public-private key pair and automatically adds a DKIM signature to every message that you send from that identity.


The procedure in this section shows you how to set up Easy DKIM for your domain. If you setup Easy DKIM for your domain, then you can start sending email from that domain, even if you haven't completed the procedure to verify a domain.



To set up Easy DKIM for a domain



1. Open the Amazon SES console at https://console.aws.amazon.com/ses/.


2. In the navigation pane, under Identity Management, choose Domains.


3. In the list of domains, choose the domain that you want to set up Easy DKIM for.


Note: If you haven't started the verification process for the domain yet, see the procedures at Verifying a domain with Amazon SES.


4. Under DKIM, choose Generate DKIM Settings.


5. Copy the three CNAME records that appear in this section. Alternatively, you can choose Download Record Set as CSV to save a copy of the records to your computer.

The following image shows an example of the DKIM section.




6. Add the CNAME records to the Valimail Enforce platform.

    Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.


    a. Click on Add a DKIM key and fill in the info from the newly created Amazon SES keys (one at a time) and then click Add.



7. Once the DKIM keys are published, the DKIM Verification Status will change to: verified


Amazon SES usually detects changes to your DNS configuration within 72 hours.