Solved

Where to create DKIM entry ?

Posted on 2016-08-01
7
157 Views
Last Modified: 2016-08-31
People,

Can anyone here please sahre some steps to secure my new custom email domain ?

MyCustom.com domain to authenticate mailchimp.com:

DKIM: Create a CNAME record for k1._domainkey.MyCustom.com with this value:
dkim.mcsv.net
SPF: Create a TXT record for MyCustom.com with:
v=spf1 include:servers.mcsv.net ?all

Open in new window


Where can I enter this information in my DNS server or in the Exchange Server ?
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 17

Accepted Solution

by:
Learnctx earned 500 total points
ID: 41737205
You do all of this on your DNS server hosting your zone info for the domain. Assuming you're using a Windows DNS server? If so, in dnsmgmt.msc:

1. Select MyCustom.com.
2. Right click and create a domain under MyCustom.com called _domainkey
3. In the _domainkey sub domain create an alias (CNAME) record k1 pointing to "dkim.mcsv.net.". Yes include the root on the end.
4. Done.

If you lookup dkim.mcsv.net:

nslookup -type=txt dkim.mcsv.net.

Open in new window

You will return to DKIM record.

k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ft
dAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUoNyIR4Bn84LV
cfZE20rmDeXQblIupNWBqLXM1Q+VieI/eZu/7k9/vOkLSaQQdml4Cv8lb3PcnluMVIhQIDAQAB;

To create the SPF, in the root of MyCustom.com, create a new text record (TXT, you will find it under Other records when you right click) with a value of:

v=spf1 include:servers.mcsv.net ?all

This is a same as parent record so you just need to provide the data not a record name.

If you are not using a Windows DNS server, then you need to do the same using the interface your DNS provider has given you. Most providers/registrars will have a help guide around creating records.
1
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41737250
Hi LearnCTX,

Does it means I should be doing this on my internal AD integrated DNS server or the external DNS server managed by the ISP for my public IP address which hold the MX records of all my email servers ?
0
 
LVL 17

Assisted Solution

by:Learnctx
Learnctx earned 500 total points
ID: 41737377
Always external DNS records. These need to be publicly resolvable. The DKIP and SPF records are used for authorising others to send mail on your behalf.

When you're done setting this up you can check your settings with the links below.

DKIM: https://mxtoolbox.com/SuperTool.aspx?action=dkim%3aMyCustom.com%3ak1&run=toolpage
SPF: https://mxtoolbox.com/SuperTool.aspx?action=spf%3aMyCustom.com&run=toolpage
1
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41738180
LearnCTX,

Well if that's the case, I will then need to ask my ISP to configure it for me.

Because my AD integrated DNS is just for internal AD domain only.
0
 
LVL 17

Expert Comment

by:Learnctx
ID: 41738299
It sounds like it if they run your DNS as a managed service on your behalf.
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41738303
yes, because all of the DNS servers in my environemnt are windows server behind the firewall.
No DMZ DNS server.
0
 
LVL 8

Author Closing Comment

by:Senior IT System Engineer
ID: 41779052
Thanks !
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question