Setting Up DomainKeys (DKIM) in Office 365 Hosted Email

Setting Up DomainKeys (DKIM) in Office 365 Hosted Email

Microsoft implemented DKIM signing for outbound emails early in 2015 but the implementation was still a little clunky, requiring knowledge of the DKIM DNS formatting and the liberal application PowerShell commands.

Fortunately, they have improved this and placed it within the grasp of the average user and/or administrator.  I’ve outlined the steps below to make this as easy as possible.

1. Create CNAME DKIM DNS Records

Login to the panel used to manage your domain names DNS records – this will often be either your domain name registrar such as 123-Reg and GoDaddy or it could be your website hosting account (a cPanel, Plesk or CloudFlare account).

You can retrieve information about your domain names DNS using and

You need to create two CNAME records (not TXT records), based on the following format:


As you can see, the value portion of the DNS record you create has your domain name in the first section but replacing the dots with dashes (so becomes bobmckay-com).

The second portion contains the temporary domain name Microsoft assign you when you sign up for your Office 365 account, assuming there isn’t a company with the same name already in the system, a company called Looney Tunes Ltd would have a temporary domain of

To be certain of yours:

Login to Office 365 using an account with administrative rights via

Click the menu button in the top left corner (it looks like a telephone dial pad)

Click Admin

Click Domains, you’ll see the temporary domain there:

Setting Up DKIM on Office 365 - Domains

2. Enable DKIM on Office 365

Login to Office 365 using an account with administrative rights via

Click the menu button in the top left corner (it looks like a telephone dial pad)

Click Admin

On the left you’ll have a menu, at the very bottom will be an option called Admin Centers

Expand this menu and click Exchange, this will open a new window displaying the ‘Exchange Admin Center‘ (if you don’t see it, make sure your browsers popup blocker hasn’t stopped the page from appearing).

On the left-hand menu click Protection

From the new sub menu at the top of the right hand section, click DKIM

Select your domain name from the list and then click Enable‘ on the right-hand side:

Setting Up DKIM on Office 365 - Enable DKIM

Once your DKIM is active, you should see something like the following:


If you receive the following error message:

CNAME record does not exist for this config. Please publish the following two CNAME records first.

Strictly speaking this error means either the DNS records haven’t been configured properly or they haven’t had time to propagate but when I forced refreshed the entire page, the error suddenly went away so don’t trust repeatedly clicking the ‘enable’ link!


Bob McKay

About Bob McKay

Bob McKay works at Perfect Image, is a father, programmer and a self confessed techie-geek type.

Disclosure Policy

Bob on Google+

4 comments on «Setting Up DomainKeys (DKIM) in Office 365 Hosted Email»

  1. Hello,

    I am actually a Customer Service Agent of Partner Network at the moment.

    You are not aware of utterly horrible customer support, that is going on there.

    Should you wish to cooperate in order for interesting materials see the word….

    Please let me know.

    Small proof for you:

    Your Organization Partner ID: 2321234 – contact email address

    I am glad you re-enrolled, Bob: Network Member (Active thru Jun.15.2017)

    Have a nice day!

  2. Mario says:

    Have you ran into a case in which the domain contains a hyphen example:
    as a result the MX record has additional info added to it.

    how to handle this?

    1. Bob McKay says:

      Hey Mario,
      Never had a problem with hyphens causing a problem in domains in any way at all (SPF, DNS or DKIM) – are sure that is what is causing your issue?

  3. koroshkokabi says:

    I went vpn free

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.