I started testing Amazon SES and didn't want to use their ugly EasyDKIM domains so I went for the BYODKIM. Never having to generate my own DKIM key I did a bit of searching and it's really simple.
- Generate a 2048 (or 1024) bit RSA key:
openssl genrsa -out dkim.priv 2048 - Split the public key out:
openssl rsa -in dkim.priv -pubout -out dkim.pub - You need to remove the header, footer, and new lines to paste into the SES console:
cat dkim.priv | sed '1d;$d' | tr -d '\n' - Create a TXT DNS record for the public key with this value:
echo "v=DKIM1\; k=rsa\; p=$(cat dkim.pub | sed '1d;$d' | tr -d '\n')"
Now wait a bit and you should see your domain validated in the SES console.