Setting up DKIM for Exchange Server | EasyDMARC

Setting up DKIM for Exchange Server

2 Min Read
DKIM for Exchange server

DKIM (DomainKeys Identified Mail) is an email security standard that ensures messages haven’t been altered in transit. It uses public-key cryptography to sign emails with a private key on the sending server. Recipient servers verify the signature with a public key published in the sender’s DNS.

Exchange DKIM Signer is an open-source, easy-to-install DKIM Signing Agent for Microsoft Exchange Server. It includes support for Exchange Server 2007 through 2019.

To begin configuring DKIM on your Exchange server, comply with the steps listed below:

Installing Exchange DKIM Signer

  1. Download the latest GUI package from GitHub.
  2. Extract and run Configuration.DkimSigner.exe.
  3. Click Install and then Close when finished.
  4. Once the installer has completed, click Close.

Configuration

Important Note: Make sure when you’re logging into your exchange server, you have permission to access the path you’ve chosen to store your keys. Otherwise, you’ll receive access denied errors. Furthermore, DKIM signing of outgoing mail will fail.

  1. Open Configuration.DkimSigner.exe from “C:\Program Files\Exchange DkimSigner\”. 2.
  2. In the DKIM Settings tab, make sure to choose Relaxed on both header/body sections shown below.
  3. Click on Save configuration.
  4. Click Add from the bottom-left of the Domain Settings tab, and then select Yes to create a new DKIM record.

5. Enter your domain name in Domain name box and your customized selector name in Selector box, then generate a new key.

Note: DKIM Signer will then generate new public and private DKIM signing keys based on your chosen domain and selector.

6. Save the generated key (.pem file) in C:\Program Files\Exchange DkimSigner\keys and click Save.

    Note: You can save in a different location, but the DKIM Signer recommends you store it in the default location.

    7. Copy the Suggested DNS name value.

      8. Head to your DNS zone (in our case, the DNS zone is Cloudflare).

      9. Publish the DKIM TXT record on your DNS zone based on the information copied.

      Name: Use the Suggested DNS Name.

      Content: Use the Suggested DNS Record.

      10. Save the record

      Important Note: The DKIM record may take up to 48 hours to be recognized and identified in the DNS level.

      11. Check the DNS record in the DKIM Signer Domain Settings tab and click Save domain.

      12. Navigate to the Information tab and select Restart to bring the Exchange Transport Service back online.

      Congratulations! You have now set up DKIM for the Exchange Server on your domain.

      Profile image
      Amin Mousavi
      Email Security Specialist | EasyDMARC
      Amin specializes in DMARC, email security, and cyberawareness, ensures robust email security by providing technical support and translating complex issues into straightforward solutions. His expertise helps clients understand and implement effective cyberawareness strategies.
      Comments
      guest
      0 Comments
      Inline Feedbacks
      View all comments

      succees We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.

      succees You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us

      In this article
      Share article:

      Domain Scanner

      Check phishing vulnerabilities and possible issues with DMARC, SPF,DKIM, and BIMI records

      SMTP2GO Setup: How to Configure SPF and DKIM with EasyDMARC 
      3 Min Read
      Get Your Emails Delivered In 2024
      An Easy Guide To The New Google and Yahoo Requirements
      Download Ebook
      New Ebook