IT Pro: Enabling DKIM

DKIM (DomainKeys Identified Mail) is used by Microsoft 365 to digitally sign outgoing messages. Once Xink adds a signature to a message that already been sent, DKIM signature gets broken.
In most scenarios, Xink would remove DKIM signature at all, and later, when the message reaches Microsoft 365 after processing by Xink engine, Microsoft 365 adds the digital signature again.

But in several scenarios, say if a message is targeted to the same Microsoft 365 tenant that sent the message, DKIM signature will never be restored again.

Xink ReRouter can add DKIM signature after inserting the signature. This feature is supported on a per-domain basis.

It is enough to add the following CNAME record to your public DNS server:

xinkrr._domainkey    CNAME    xinkrr._domainkey.xink.io.

Add a record as follow:
Type: CNAME
Host: xinkrr._domainkey
Pointing to: xinkrr._domainkey.xink.io. (please note trailing dot, it is required).

The DNS record should be entered as shown above. There is no need to replace the domain or domainkey.

Changes will not be visible immediately, it might take up to 72 hours for DNS changes to propagate and take effect.
Xink engine checks DNS record at least daily and enables DKIM signature for the outgoing message if the sender's domain contains the record mentioned above.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.