Adding a DKIM record to your DNS is quite simple. Add two txt records like

_domainkey.domain.com          IN TXT o=!;r=postmaster@domain.com
selector._domainkey.domain.com IN TXT v=DKIM1;k=rsa;p=<public key>

Which means:

• o=~ the server signs some mail
• o=- all mail is signed, but unsigned mail should be accepted
• o=! all mail is signed, do not accept unsigned mail
• t=y I’m still testing
• v=DKIM1 we use DKIM version 1
• k=rsa it is a RSA key
• r=<x@xx> report problems to this email address
• p=<public key> this is my public key

To hide your version of bind, enter the following value to your named.conf

version "[NONE]";

in the option section:

options {
directory "/var/lib/bind";
version "[NONE]";
};

Check the value with this command:

dig @dns.server.tld -c CH -t txt version.bind