DKIM Core is just a subset of DKIM, so any smarthost or appliance that does DKIM signing can be used to attach DKIM Core tokens.
The details of how to configure this will vary depending on the details of the DKIM signer, but it should be configured as follows:
| Header canonicalization: | relaxed |
| Body canonicalization: | simple |
| Signing algorithm: | rsa-sha256 |
| Signing domain: | the DKIM Core token |
| User or Agent Identity: | leave empty |
| Body length count: | leave empty |
| Query method: | leave empty |
| Selector: | use a selector generated as described above |
| Signature timestamp: | disable |
| Signature Expiration: | disable |
| Copied header fields: | none |
| Key granularity: | disable, or set to “*” if that isn’t possible |
| Key type: | rsa |
| Acceptable hash algorithms: | leave empty |
| Notes: | set to “core” |
| Service Type: | disable |
| Flags: | set to “s” |