Shaun Gorman
asked on
How to get the correct detail for DKIM and SPF from vendor domain to add to TXT record for our domain so vendor can send as us and not be blocked as spam.
How to get the correct detail for DKIM and SPF from vendor domain to add to TXT record for our domain so vendor can send as us and not be blocked as spam.
Hi. thanks for looking at this problem.
An external vendor does mail outs for us.
When they do mailouts their emails sent as name@ourdomain.com get blocked since it isn't our domain sending the email.
I understand we can add their DKIM information as a TXT record to our DNS to make their domain trusted to send as us.
Do you know what detail it needs?
I have found this article
https://support.symantec.com/en_US/article.TECH132756.html
I have gotten the vendor detail from the message header of an email they have sent as us.
I can do an nslookup like this:
nslookup -type=txt "vendorselector"._domainke y."vendord omain"
and it comes back with a text record like:
v=DKIM1: p=sdfasdfafasdfasdfasdf
but there is no K or H value.
the other TXT records I have seen for DKIM have at least a K value which seems to be mostly RSA
Does anyone know if I do this kind of NSLookup and it returns that TXT record, if that is all I have to put in our DNS?
Normally I would just ask the vendor for this detail, but they don't seem to have the will to gather it.
Thanks,
Shaun
Hi. thanks for looking at this problem.
An external vendor does mail outs for us.
When they do mailouts their emails sent as name@ourdomain.com get blocked since it isn't our domain sending the email.
I understand we can add their DKIM information as a TXT record to our DNS to make their domain trusted to send as us.
Do you know what detail it needs?
I have found this article
https://support.symantec.com/en_US/article.TECH132756.html
I have gotten the vendor detail from the message header of an email they have sent as us.
I can do an nslookup like this:
nslookup -type=txt "vendorselector"._domainke
and it comes back with a text record like:
v=DKIM1: p=sdfasdfafasdfasdfasdf
but there is no K or H value.
the other TXT records I have seen for DKIM have at least a K value which seems to be mostly RSA
Does anyone know if I do this kind of NSLookup and it returns that TXT record, if that is all I have to put in our DNS?
Normally I would just ask the vendor for this detail, but they don't seem to have the will to gather it.
Thanks,
Shaun
ASKER
Thanks heaps noci.
So does that mean the TXT information that comes from an NSLookup on the vendor domain is all I need for the DKIM TXT record for our domain so the vendor domain can send email on our behalf?
The objective is that our email sent by the vendor isn't marked as spam.
So does that mean the TXT information that comes from an NSLookup on the vendor domain is all I need for the DKIM TXT record for our domain so the vendor domain can send email on our behalf?
The objective is that our email sent by the vendor isn't marked as spam.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks noci. The support from the vendor aren't coming back with answers so I will use the TXT result from nslookup. I appreciate your thoughts
There are even more options to be specified see RFC:
https://tools.ietf.org/html/rfc6376#page-53