Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 203
  • Last Modified:

Where to create DKIM entry ?

People,

Can anyone here please sahre some steps to secure my new custom email domain ?

MyCustom.com domain to authenticate mailchimp.com:

DKIM: Create a CNAME record for k1._domainkey.MyCustom.com with this value:
dkim.mcsv.net
SPF: Create a TXT record for MyCustom.com with:
v=spf1 include:servers.mcsv.net ?all

Open in new window


Where can I enter this information in my DNS server or in the Exchange Server ?
0
Senior IT System Engineer
Asked:
Senior IT System Engineer
  • 4
  • 3
2 Solutions
 
LearnctxEngineerCommented:
You do all of this on your DNS server hosting your zone info for the domain. Assuming you're using a Windows DNS server? If so, in dnsmgmt.msc:

1. Select MyCustom.com.
2. Right click and create a domain under MyCustom.com called _domainkey
3. In the _domainkey sub domain create an alias (CNAME) record k1 pointing to "dkim.mcsv.net.". Yes include the root on the end.
4. Done.

If you lookup dkim.mcsv.net:

nslookup -type=txt dkim.mcsv.net.

Open in new window

You will return to DKIM record.

k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ft
dAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUoNyIR4Bn84LV
cfZE20rmDeXQblIupNWBqLXM1Q+VieI/eZu/7k9/vOkLSaQQdml4Cv8lb3PcnluMVIhQIDAQAB;

To create the SPF, in the root of MyCustom.com, create a new text record (TXT, you will find it under Other records when you right click) with a value of:

v=spf1 include:servers.mcsv.net ?all

This is a same as parent record so you just need to provide the data not a record name.

If you are not using a Windows DNS server, then you need to do the same using the interface your DNS provider has given you. Most providers/registrars will have a help guide around creating records.
1
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Hi LearnCTX,

Does it means I should be doing this on my internal AD integrated DNS server or the external DNS server managed by the ISP for my public IP address which hold the MX records of all my email servers ?
0
 
LearnctxEngineerCommented:
Always external DNS records. These need to be publicly resolvable. The DKIP and SPF records are used for authorising others to send mail on your behalf.

When you're done setting this up you can check your settings with the links below.

DKIM: https://mxtoolbox.com/SuperTool.aspx?action=dkim%3aMyCustom.com%3ak1&run=toolpage
SPF: https://mxtoolbox.com/SuperTool.aspx?action=spf%3aMyCustom.com&run=toolpage
1
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
Senior IT System EngineerIT ProfessionalAuthor Commented:
LearnCTX,

Well if that's the case, I will then need to ask my ISP to configure it for me.

Because my AD integrated DNS is just for internal AD domain only.
0
 
LearnctxEngineerCommented:
It sounds like it if they run your DNS as a managed service on your behalf.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
yes, because all of the DNS servers in my environemnt are windows server behind the firewall.
No DMZ DNS server.
0
 
Senior IT System EngineerIT ProfessionalAuthor Commented:
Thanks !
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now