• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 250
  • Last Modified:

Where to create DKIM entry ?

People,

Can anyone here please sahre some steps to secure my new custom email domain ?

MyCustom.com domain to authenticate mailchimp.com:

DKIM: Create a CNAME record for k1._domainkey.MyCustom.com with this value:
dkim.mcsv.net
SPF: Create a TXT record for MyCustom.com with:
v=spf1 include:servers.mcsv.net ?all

Open in new window


Where can I enter this information in my DNS server or in the Exchange Server ?
0
Senior IT System Engineer
Asked:
Senior IT System Engineer
  • 4
  • 3
2 Solutions
 
LearnctxEngineerCommented:
You do all of this on your DNS server hosting your zone info for the domain. Assuming you're using a Windows DNS server? If so, in dnsmgmt.msc:

1. Select MyCustom.com.
2. Right click and create a domain under MyCustom.com called _domainkey
3. In the _domainkey sub domain create an alias (CNAME) record k1 pointing to "dkim.mcsv.net.". Yes include the root on the end.
4. Done.

If you lookup dkim.mcsv.net:

nslookup -type=txt dkim.mcsv.net.

Open in new window

You will return to DKIM record.

k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ft
dAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUoNyIR4Bn84LV
cfZE20rmDeXQblIupNWBqLXM1Q+VieI/eZu/7k9/vOkLSaQQdml4Cv8lb3PcnluMVIhQIDAQAB;

To create the SPF, in the root of MyCustom.com, create a new text record (TXT, you will find it under Other records when you right click) with a value of:

v=spf1 include:servers.mcsv.net ?all

This is a same as parent record so you just need to provide the data not a record name.

If you are not using a Windows DNS server, then you need to do the same using the interface your DNS provider has given you. Most providers/registrars will have a help guide around creating records.
1
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Hi LearnCTX,

Does it means I should be doing this on my internal AD integrated DNS server or the external DNS server managed by the ISP for my public IP address which hold the MX records of all my email servers ?
0
 
LearnctxEngineerCommented:
Always external DNS records. These need to be publicly resolvable. The DKIP and SPF records are used for authorising others to send mail on your behalf.

When you're done setting this up you can check your settings with the links below.

DKIM: https://mxtoolbox.com/SuperTool.aspx?action=dkim%3aMyCustom.com%3ak1&run=toolpage
SPF: https://mxtoolbox.com/SuperTool.aspx?action=spf%3aMyCustom.com&run=toolpage
1
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
Senior IT System EngineerIT ProfessionalAuthor Commented:
LearnCTX,

Well if that's the case, I will then need to ask my ISP to configure it for me.

Because my AD integrated DNS is just for internal AD domain only.
0
 
LearnctxEngineerCommented:
It sounds like it if they run your DNS as a managed service on your behalf.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
yes, because all of the DNS servers in my environemnt are windows server behind the firewall.
No DMZ DNS server.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now