Proposal to Add DKIM to Linode Events Notification
Steps to reproduce:
1. If not already done, enable “Events Email Notification” at
2. Reboot any Linode server
3. You'll receive the Linode’s automated email notification within seconds. Notice that it is not sign by DKIM. This is the challenge. The original email header reads:
Received: from mail2.linode.com (mail2.linode.com [173.255.198.11]) by <masked>; Fri,
9 Feb 2018 08:15:06 -0800 (PST)
Received: from webserver1.linode.com (<masked>) by mail2.linode.com (Postfix) with ESMTP id <masked>; Fri,
9 Feb 2018 11:15:05 -0500 (EST)
Date: Fri, 9 Feb 2018 11:15:05 -0500 (EST)
From: Linode Alerts <noreply@linode.com>
To: <masked>
Message-ID: <<masked>@mail2.linode.com>
Subject: Linode Events Notification - <masked>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Mailer: ColdFusion 11 Application Server</masked></masked></masked></noreply@linode.com></masked></masked></masked>
Why add DKIM?
• For those not familiar with DKIM, watch this short 2 minutes video at
• More secure. It's much harder to spoof a email signed by DKIM.
• Easier to filter spam. Read more at
• Reduce risk of false spam, and phishing. Otherwise the email message is automatically either tag as spam or blocked. Read more at
• Compatibility. An increasing amount of software, and vendors requires DKIM. Read more at
• Protocol overhead. Read more at
• Non-repudiability. Read more at
If needed I would be happy to contribute testing
Thanks to dubidubno for the idea about this proposal
2 Replies
As a side note, I'd like to mention that my personal experience with DKIM hasn't been as good as I expected. In other words, DKIM made no difference in practice, none whatsoever.
Deliverability didn't improve, I still see a lot of problems with outlook/hotmail/microsoft. Almost all the remote servers that I've seen don't check DKIM signatures, I tested this by sending emails with broken DKIM signatures and the emails still got delivered.
From my receiving side, I see tons of spam that got through with valid DKIM signatures and valid SPF records. Looking at my stats, the number of emails blocked by DKIM are rather insignificant (not even worth a rounding error).
I think we need wider adoption, but it seems admins find it very hard to install DKIM.
I'd like to hear from others about their experience with DKIM, do you get difference results?