Creating a DKIM for Office365
Install OpenDKIM
apt install opendkim-toolsGenerate Selectors
opendkim-genkey -D /root -d <domain> -s selector1
opendkim-genkey -D /root -d <domain> -s selector2Then view the DNS record by running:
cat /root/selector1.txt
cat /root/selector2.txtAdding the DKIM to DNS
Navigate to DNS
Go to your DNS Provider’s Portal
Create TXT
- Click “Add Record” on the DNS page
- Select a
TXT-Record - Set the name as
selector1._domainkey - Set the value as the DKIM selector value from the
/root/selector1.txt, it should look similar to:
"v=DKIM1; h=sha256; k=rsa; "p=XXXXXXXXXXXXXXXXXXXXXXXXXXXX"- Click “Save”
Selector 2
Repeat the same steps for selector2
Adding the private key on Office365
Visit the 365 DKIM Page
- Visit the Office365 Admin Portal
Select your domain
- Click the domain that you want to enable DKIM for.
Enable DKIM Signatures
- Change the “Sign messages for this domain with DKIM signatures” toggle to “Enabled”
Upload Key to 365 Admin
- Upload the private keys from the
selector1.privateandselector2.privatefiles to Office365
Microsoft Managed DKIM
Alternatively, you might want to use the managed DKIM provided by Microsoft which can be accomplished by:
Navigate to DNS
Go to your DNS Provider’s Portal like Cloudflare’s DNS Page
Create CNAME
-
Click “Add Record” on the DNS page
-
Select a
CNAME-Record -
Set the record like the following with
example-comandexamplecomfilled in as your domain.
Set the “name” as:
selector1._domainkeySet the “value” as:
selector1-example-com._domainkey.examplecom.onmicrosoft.comSelector 2
Repeat the same steps for selector2