Rank: Newbie
Groups: Registered
Was thanked: 3 time(s) in 3 post(s)
Install and Deploy DKIM in Exchange Server (2013/2010/2007) In this topic, I will introduce how to add DKIM signature to outbound emails in Exchange Server. I will also introduce the usage of DKIM "selector" and "sender rule".
How DKIM works? When an email claims to originate from a certain domain, DKIM provides a mechanism by which the recipient system can determine that the email is authorized to be sent by that domain. The work flow is illustrated as follows:
Edited by user Monday, May 11, 2015 6:44:09 PM(UTC)
| Reason: Not specified
1 user thanked norman623 for this useful post.
Rank: Newbie
Groups: Registered
Was thanked: 3 time(s) in 3 post(s)
How to install DKIM in Exchange Server? To deploy DKIM signature in Exchange Server, you should download the DKIM Installer and install it on your machine.
https://www.emailarchite...oad/eaexchdomainkeys.exe Double click installer file and the installation will be executed automatically.
After the installation is complete, click "DKIM Plugin Manager" from "Windows Start menu"->"All Programs"->"EA DKIM for IIS SMTP and Exchange Server" to begin the configuration.
Edited by user Monday, May 11, 2015 6:31:59 PM(UTC)
| Reason: Not specified
Rank: Newbie
Groups: Registered
Was thanked: 3 time(s) in 3 post(s)
Create DKIM for Domain Click "DKIM" in Manager and click "New" to create a new domain DKIM signature. DKIM signature is based on the domain of sender email address, it is unrelated to the name of Exchange server.
You can simply input your sender domain, use default settings for other parameters, finally click "Save" to create your DKIM signature.
Rank: Administration
Groups: Administrators
Thanks: 9 times
DKIM Parameters Here is the detailed information about DKIM parameters:
Rank: Administration
Groups: Administrators
Thanks: 9 times
Export DKIM Public Key As I have introduced, because The recipient mail system need to use public key to verify DKIM signature, so we need to deploy DKIM public key to domain DNS server, then recipient server can query DNS server to get public key.
Now open DKIM manager and select your domain and click "Export Public Key":
After the public key is exported, you should deploy it in your domain DNS server.
Rank: Administration
Groups: Administrators
Thanks: 9 times
Deploy DKIM Public Key to Windows DNS Server If your domain is managed by Windows DNS server, you should deploy DKIM public key like this:
Rank: Newbie
Groups: Registered
Add DKIM policy in Windows DNS Server (Optional*) This DNS record is optional. If you do not set DKIM policy, and then "o=~;" is used by default.
The work flow is illustrated as follows:
Rank: Newbie
Groups: Registered
Was thanked: 1 time(s) in 1 post(s)
Deploy DKIM public key in "Network Solutions" DNS server, Bind DNS server or other DNS server If your domain is managed by "Network Solutions" DNS server, Bind DNS server or other DNS server, you should deploy public key like this:
Rank: Newbie
Groups: Registered
DKIM Test Now you can test DKIM signature by this online tool:
http://www.appmaildev.com/en/dkim If report email shows "DKIM Result: pass", that means your DKIM signature is verified successfully. If there is any error, please have a look at following section.
Rank: Newbie
Groups: Registered
DKIM Troubleshooting You can check the problem step by step as follows:
If you have any further problem, please contact
support@emailarchitect.net for assistance.
Rank: Newbie
Groups: Registered
DKIM Sender Rule Sometimes you need to send an email that sender address not belonged to your server.
In this case, you cannot add DKIM signature to such email, as you don't have permission to deploy DKIM public key to sender domain DNS server. Of course if you don't send email from outside email address, or you don't need to sign DKIM for those emails, you can simply ignore this topic.
You can use "Sender Rule" as follows:
Rank: Newbie
Groups: Registered
Was thanked: 2 time(s) in 2 post(s)
DKIM Selector To support multiple concurrent public keys of sending domain, the DNS namespace is further subdivided by"selectors". "Selectors" is arbitrary names below the "_domainkey" namespace.
The most important thing is: "selector" indicates your DKIM public key location. For example: if your domain selector is: "s1024", your public key DNS record is "s1024._domainkey.yourdomain"; if your domain selector is: "mta1", your public key DNS record is "mta1._domainkey.yourdomain".
If you have only one Exchange server, you can ignore the following sections.
Rank: Newbie
Groups: Registered
Was thanked: 1 time(s) in 1 post(s)
Using a single DKIM selector for the same domain on multiple Exchange Servers If all of your servers are running with EA DKIM, you should deploy the certificate as follows:
Rank: Newbie
Groups: Registered
Was thanked: 1 time(s) in 1 post(s)
Using multiple DKIM selectors for the same domain on multiple Exchange servers If you don't want to copy the certificate to all servers or you have another server signing the DKIM with the key pair certificate not supported by EA DKIM, you can use different selector for different server.
Rank: Administration
Groups: Administrators
Thanks: 9 times
Forum Jump
EmailArchitect Support
Email Component Development
- EASendMail SMTP Component - .NET Version
- EASendMail SMTP Component - Windows Store Apps
- EASendMail SMTP ActiveX Object
- EAGetMail POP3 & IMAP4 Component - .NET Version
- EAGetMail POP3 & IMAP4 ActiveX Object
Exchange Server and IIS SMTP Plugin
- DomanKeys/DKIM for Exchange Server and IIS SMTP
- Disclaimer and S/MIME for Exchange Server and IIS
EmailArchitect Email Server
- EmailArchitect Email Server (General)
- EmailArchitect Email Server Development
You cannot post new topics in this forum.
cannot reply to topics in this forum.
cannot delete your posts in this forum.
cannot edit your posts in this forum.
cannot create polls in this forum.
cannot vote in polls in this forum.
