Nowadays, email security has become an integral part of corporate communication strategies. In this context, cloud-based services such as Exchange Online DomainKeys Identified MaiL (DKIM) plays a critical role in email security. In this article, Exchange Online a DKIM We will cover what registration is, its advantages and how to structure it.
What is a DKIM Record?
DKIMis an email authentication method that allows email messages to be digitally signed by the domain to which they are sent. DKIM registration as part of the email infrastructure Domain Name System (DNS) a special addition to the records TXT This record is used to verify whether the e-mail message was actually sent by the domain it claims to have been sent from.
DKIM verifies a digitally signed message, which appears in the DKIM-Signature header in the Header section of the message. The results of the DKIM-Signature verification are stamped in the Authentication-Results header.
Advantages of Exchange Online DKIM Record:
- Reliability and Accuracy: DKIM, allows receiving servers to verify that the source of the email is reliable and that its content has arrived unchanged.
- Protection Against Phishing and Spoofing Attacks: DKIM, adds a layer of protection against spoofed email attacks. Recipients can verify that an email really came from the domain in question.
- Reputation management: DKIM Emails signed with are less likely to be marked as spam by spam filters, increasing the chances of sent emails reaching recipients' inboxes.
- Compatibility: DKIMis a globally accepted standard and is supported by various email service providers.
How to Enable DKIM in Exchange Online?
To enable DKIM in Exchange Online, first https://security.microsoft.com/ We need to log in to the address.
https://security.microsoft.com/ – Policies & Rules – Threat Policies – Email authentication settings steps are followed.
In the Email Authentication section, we come to the DKIM page and we can view all our domains registered in Tenant.
We click on the domain we will process and create our DKIM keys with the Create DKIM keys button.
We create the CNAME records given to us in the Publish CNAMEs section through our DNS provider.
After creating the CNAME records that we received from Exchange Online in our DNS panel, we need to wait a short while.
When we want to activate DKIM Signatures without performing the waiting process, we may receive an error like the one below.
Client Error
|Microsoft.Exchange.Management.Tasks.ValidationException|CNAME record does not exist for this config. Please publish the following two CNAME records first. Domain Name: cengizyilmaz.com.tr Host Name: selector1._domainkey Points to address or value: selector1-cengizyilmaz-com-tr._domainkey.yilmaz33.onmicrosoft.com Host Name: selector2._domainkey Points to address or value: selector2-cegizyilmaz -com-tr._domainkey.yilmaz33.onmicrosoft.com . If you have already published the CNAME records, sync will take a few minutes to as many as 4 days based on your specific DNS. Return and retry this step later.
Sign messages for this domain with DKIM signatures by setting the section to Enabled DKIM We have completed the Validation step.
We have completed the activation process, we will be able to add a DKIM key to each e-mail we send.
DKIM Record Query,
We can query the DKIM record we published for Exchange Online with mxtoolbox.com.
I perform our first query for the selector1 key provided by Exchange Online and I can view the accuracy of our 2048 bits key.
Now we will perform the same operation for selector2.
Result:
DKIM registration for Exchange Online strengthens email security, protects corporate reputation, and sets a standard for secure communication. This configuration makes companies more resilient to cyber threats that can occur via email. Especially when using enterprise-level email services, proper implementation of DKIM should be an important part of your organization’s cybersecurity strategy.
One comment on “How to Enable DKIM in Exchange Online?”