DKIM for Office 365 02/16/18

Publish two CNAME records for your custom domain in DNS

For each domain for which you want to add a DKIM signature in DNS, you need to publish two CNAME records. A CNAME record is used by DNS to specify that the canonical name of a domain is an alias for another domain name.

Office 365 performs automatic key rotation using the two records that you establish. If you have provisioned custom domains in addition to the initial domain in Office 365, you must publish two CNAME records for each additional domain. So, if you have two domains, you must publish two additional CNAME records, and so on.

Use the following format for the CNAME records:

Host name:			selector1._domainkey.
Points to address or value:	selector1-._domainkey. 
TTL:				3600

Host name:			selector2._domainkey.
Points to address or value:	selector2-._domainkey. 
TTL:				3600

Where:

  • For Office 365, the selectors will always be "selector1" or "selector2".
  • domainGUID is the same as the domainGUID in the customized MX record for your custom domain that appears before mail.protection.outlook.com. For example, in the following MX record for the domain contoso.com, the domainGUID is contoso-com:
    contoso.com.  3600  IN  MX   5 contoso-com.mail.protection.outlook.com
    
  • initialDomain is the domain that you used when you signed up for Office 365. For information about determining your initial domain, see Domains FAQ.

For example, if you have an initial domain of cohovineyardandwinery.onmicrosoft.com, and two custom domains cohovineyard.com and cohowinery.com, you would need to set up two CNAME records for each additional domain, for a total of four CNAME records.

Host name:			selector1._domainkey.cohovineyard.com  
Points to address or value:	selector1-cohovineyard-com._domainkey.cohovineyardandwinery.onmicrosoft.com
TTL:				3600

Host name:			selector2._domainkey.cohovineyard.com  
Points to address or value:	selector2-cohovineyard-com._domainkey.cohovineyardandwinery.onmicrosoft.com
TTL:				3600

Host name:			selector1._domainkey.cohowinery.com
Points to address or value:	selector1-cohowinery-com._domainkey.cohovineyardandwinery.onmicrosoft.com 
TTL:				3600
 
Host name:			selector2._domainkey.cohowinery.com
Points to address or value:	selector2-cohowinery-com._domainkey.cohovineyardandwinery.onmicrosoft.com 
TTL:				3600

Sign in to Office 365 with your work or school account.

  • Select the app launcher icon in the upper-left and choose Admin.
  • In the lower-left navigation, expand Admin and choose Exchange.
  • Go to Protection > dkim.
  • Select the domain for which you want to enable DKIM and then, for Sign messages for this domain with DKIM signatures, choose Enable. Repeat this step for each custom domain.
  •  I found this article helpful. (0)