Amazon SES and BYODKIM

I started testing Amazon SES and didn't want to use their ugly EasyDKIM domains so I went for the BYODKIM. Never having to generate my own DKIM key I did a bit of searching and it's really simple.

  1. Generate a 2048 (or 1024) bit RSA key: openssl genrsa -out dkim.priv 2048
  2. Split the public key out: openssl rsa -in dkim.priv -pubout -out
  3. You need to remove the header, footer, and new lines to paste into the SES console: cat dkim.priv | sed '1d;$d' | tr -d '\n'
  4. Create a TXT DNS record for the public key with this value: echo "v=DKIM1\; k=rsa\; p=$(cat | sed '1d;$d' | tr -d '\n')"

Now wait a bit and you should see your domain validated in the SES console.