Setting Up DomainKeys (DKIM) in Office 365 Hosted Email

Setting Up DomainKeys (DKIM) in Office 365 Hosted Email

Microsoft implemented DKIM signing for outbound emails early in 2015 but the implementation was still a little clunky, requiring knowledge of the DKIM DNS formatting and the liberal application PowerShell commands.

Fortunately, they have improved this and placed it within the grasp of the average user and/or administrator.  I’ve outlined the steps below to make this as easy as possible.

1. Create CNAME DKIM DNS Records

Login to the panel used to manage your domain names DNS records – this will often be either your domain name registrar such as 123-Reg and GoDaddy or it could be your website hosting account (a cPanel, Plesk or CloudFlare account).

You can retrieve information about your domain names DNS using IntoDNS.co.uk and whois.com.

You need to create two CNAME records (not TXT records), based on the following format:

HostValue
selector1._domainkeyselector1-bobmckay-com._domainkey.bobscompany.onmicrosoft.com
selector2._domainkeyselector2-bobmckay-com._domainkey.bobscompany.onmicrosoft.com

As you can see, the value portion of the DNS record you create has your domain name in the first section but replacing the dots with dashes (so northumberlandwebdesign.com becomes bobmckay-com).

The second portion contains the temporary domain name Microsoft assign you when you sign up for your Office 365 account, assuming there isn’t a company with the same name already in the system, a company called Looney Tunes Ltd would have a temporary domain of looneytunesltd.onmicrosoft.com.

To be certain of yours:

Login to Office 365 using an account with administrative rights via https://portal.microsoftonline.com.

Click the menu button in the top left corner (it looks like a telephone dial pad)

Click Admin

Click Domains, you’ll see the temporary domain there:

Setting Up DKIM on Office 365 - Domains

2. Enable DKIM on Office 365

Login to Office 365 using an account with administrative rights via https://portal.microsoftonline.com.

Click the menu button in the top left corner (it looks like a telephone dial pad)

Click Admin

On the left you’ll have a menu, at the very bottom will be an option called Admin Centers

Expand this menu and click Exchange, this will open a new window displaying the ‘Exchange Admin Center‘ (if you don’t see it, make sure your browsers popup blocker hasn’t stopped the page from appearing).

On the left-hand menu click Protection

From the new sub menu at the top of the right hand section, click DKIM

Select your domain name from the list and then click Enable‘ on the right-hand side:

Setting Up DKIM on Office 365 - Enable DKIM

Once your DKIM is active, you should see something like the following:

Troubleshooting

If you receive the following error message:

CNAME record does not exist for this config. Please publish the following two CNAME records first.

Strictly speaking this error means either the DNS records haven’t been configured properly or they haven’t had time to propagate but when I forced refreshed the entire page, the error suddenly went away so don’t trust repeatedly clicking the ‘enable’ link!

 

Bob McKay

About Bob McKay

Bob McKay works at Perfect Image, is a father, programmer and a self confessed techie-geek type.

Disclosure Policy

Bob on Google+

4 comments on «Setting Up DomainKeys (DKIM) in Office 365 Hosted Email»

  1. Mario says:

    Have you ran into a case in which the domain contains a hyphen example: my-domain.com?
    as a result the MX record has additional info added to it.

    how to handle this?

    1. Bob McKay says:

      Hey Mario,
      Never had a problem with hyphens causing a problem in domains in any way at all (SPF, DNS or DKIM) – are sure that is what is causing your issue?

  2. koroshkokabi says:

    I went vpn free

Leave a Reply

Your email address will not be published. Required fields are marked *