Outbound DKIM signing and DNS infrastructure | Building the required DNS records for Office 365 | Part 4#10
In a scenario in which we want to use outbound DKIM signing for our public…
In the current article, we provide step by step guideline, for the task of – creating the required two “DKIM CNAME records,” that we needed to publish.
This is a preliminary step that we must complete. Only after the required “DKIM CNAME” records were successfully created, we can continue to the last step, in which we enable that outbound DKIM signing for a specific domain name registered with Office 365.
|01||DKIM – Domain Keys Identified Mail | Basic introduction | Part 1#10|
|02||DKIM as standard that based upon the Public key infrastructure | Part 2#10|
|03||DKIM flow in Office 365 | Part 3#10|
|04||Outbound DKIM signing and DNS infrastructure | Building the required DNS records for Office 365 | Part 4#10|
|05||How to enable outbound DKIM signing for your domain in Office 365 – Introduction | Part 5#10|
|06||Calculating manually the value of the Office 365 DKIM selector host name | Part 6#10|
|07||Get the value of the DKIM record for a Domain, using PowerShell | Office 365 | Part 7#10|
|08||Creating the required two CNAME required for Outbound DKIM signing using GoDaddy DNS | Part 8#10|
|09||Verifying that the DKIM CNAME records configured properly | Office 365 | Part 9#10|
|10||Enabling Outbound DKIM signing + Verifying the process of Outbound DKIM signing in the Office 365 environment | Part 10#10|
The domain for which we want to activate the “outbound DKIM signing” is – o365pilot.com
The prerequisite for enabling the outbound DKIM signing is – a creation of two CNAME records, that will be created in the DNS server who hosts the specified domain.
In our scenario, the 2 “DKIM CNAME” records, will include the following host’s names:
Using our public DNS management interface for creating the required two CNAME record that will be used for DKIM outbound signing in Office 365 environment.
In the next section, I will demonstrate how to create the two CNAME records, that will point to the Office 365 DKIM Selectors using the GoDaddy DNS management interface.
Regarding “other DNS management interfaces,” the major concepts of creating CNAME records are less or more the same on every DNS management interface, beside of some minor changes.
In the Gooday DNS management interface
In our scenario, we would like to create a NEW CNAME record.
In our specific scenario, the CNAME record will include the following hosts names:
In the “upper section” named – HOST:, we will add the host name: selector1._domainkey
It’s important to understand that because this hostname is hosted “under” the domain name – o365pilot.com , the FQDN (Fully qualified Hostname) will be – selector1._domainkey.o365pilot.com
In other words, don’t add the “full hostname” in the upper part, but only the “partial hostname” without the “Domain suffix part.”
The host name in the “upper part,” will be used for redirected requests to the dedicated Office 365 DKIM Selector record, that includes the Office 365 DKIM Public Key.
In the “bottom section” named – POINTS TO:, we will add the following host name:
Before we continue, it’s important to me to briefly review the concept of the DNS CNAME record because, many times this concept can be a bit confusing.
The CNAME record serves as a “logical router” that accepts a request for “object A” and redirects the required to “object B.”
In our case, each DNS query for the “DKIM selector” that is represented by the host name – selector1._domainkey.o365pilot.com, will be redirected
to the Host name selector1-o365pilot-com._domainkey.o365info2.onmicrosoft.com
Creating and configuring the second DKIM CNAME record
We will need to repeat this process for cratering an additional CNAME record, that will use for redirecting DKIM request to additional Office 365 host named – selector2
To add an additional record, we will click on the button – ADD ANOTHER
In the “upper section” named – HOST:, we will add the host name: selector2._domainkey
In the “bottom section” named – POINTS TO:, we will add the host name:
In the following screenshot, we can see the result; two new CNAME records created.
The next step
It’s recommended to continue to read the next article, which describe the “next step,” in which we review the process of – verify if the DKIM CNAME records are successfully published and available for external clients.