DKIM signatures to Rails application using Amazon SES

Question

We're using the ActionMailer with SMTP as our delivery method and Amazon SES as our outgoing mail provider.

We want to sign the emails with DKIM. How can we do that?

Thanks

Answer 1

I haven't used DomainKeys Identified Mail (DKIM) via ActionMailer with Amazon SES myself yet, but here's how I'd approach it:

• Review Authenticating Email with DKIM and take note of the closing note specifically:

Note

If you are using the Amazon SES SMTP interface to send email, and your client software automatically performs DKIM signing, you should check to ensure that your client does not sign any of the headers listed above. We recommend that you check the documentation for your software to find out exactly what headers are signed with DKIM.

• Checkout John Hawthorn's DKIM signing library (see his Introducing the dkim gem as well); section Usage With Rails shows how to sign all ActionMailer deliveries:

# Configure dkim globally (see above)
Dkim::domain      = 'example.com'
Dkim::selector    = 'mail'
Dkim::private_key = open('private.pem').read

# UPDATE [John Hawthorn]: SES developer guide recommends against signing these
Dkim::signable_headers = Dkim::DefaultHeaders - \
    %w{Message-ID Resent-Message-ID Date Return-Path Bounces-To}

# This will sign all ActionMailer deliveries
ActionMailer::Base.register_interceptor('Dkim::Interceptor')

Update

John Hawthorn has updated the code fragment with the required SES exceptions (see respectively commented line above), confirming that his apparently excellent dkim gem is indeed If the mentioned SES/DKIM header exception requirements can be met by the dkim gem,this looks like a remarkable easy way to achieve your goal - thanks John!