KB Article #73274

Enable DKIM to digitally sign outgoing messages

Problem
How do I enable DKIM to sign all outgoing mail?


Resolution

DomainKeys Identified Mail (DKIM) is used for signing email messages. DKIM key management involves no CAs or revocation lists; the public key is published in a DNS TXT record instead.


To generate domain keys for the local email domains, follow the steps below:

1. Go to Admin UI -> Relay Policies -> Defense Settings -> DKIM Keys
2. Select the "Generate New DKIM Key" button.
3. Type the name of the domain for which the key should be generated.
4. Type the name of the selector.
5. Once the new key is generated, the public key for the newly created domain key is displayed.
6. Add the public key to the TXT record of <selector>._domainkey.<your domain> in the local DNS server (or ask the ISP to do so if the DNS server is managed outside the organization).
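
Before enabling signing, confirm that the TXT record published in step 6 carries the same key the Admin UI displayed; a truncated or mis-pasted record makes receivers fail verification of every signed message. The Python check below is an added example, not part of MailGate or of this article. It assumes the Admin UI shows the key as base64 text, and its function names and sample key are constructed for illustration.

```python
import base64
import re

def join_txt_strings(rdata: str) -> str:
    """Concatenate the quoted <=255-byte chunks of a TXT answer, as a verifier does."""
    chunks = re.findall(r'"((?:[^"\\]|\\.)*)"', rdata)
    return "".join(chunks) if chunks else rdata.strip()

def parse_tags(record: str) -> dict:
    """Split an RFC 6376 tag=value list; whitespace is stripped from values
    because folding whitespace is permitted inside p=."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def check_dkim_record(rdata: str, expected_key_b64: str) -> list:
    """Return a list of problems; an empty list means the record looks usable."""
    problems = []
    tags = parse_tags(join_txt_strings(rdata))
    if tags.get("v", "DKIM1") != "DKIM1":
        problems.append("v= must be DKIM1")
    if tags.get("k", "rsa") not in ("rsa", "ed25519"):
        problems.append("unknown key type in k=")
    p = tags.get("p")
    if p is None:
        problems.append("p= tag missing")
    elif p == "":
        problems.append("p= is empty: key is marked revoked")
    else:
        try:
            base64.b64decode(p, validate=True)
        except ValueError:
            problems.append("p= is not valid base64")
        if p != re.sub(r"\s+", "", expected_key_b64):
            problems.append("p= differs from the key shown in the Admin UI")
    return problems

# Constructed sample: 294 filler bytes (the size of a 2048-bit RSA public key
# structure), not a real key. The record exceeds 255 characters, so it is
# published as several quoted strings, the way DNS tools display it.
SAMPLE_KEY = base64.b64encode(bytes(range(200)) + bytes(94)).decode()
_record = "v=DKIM1; k=rsa; p=" + SAMPLE_KEY
SAMPLE_RDATA = " ".join('"%s"' % _record[i:i + 255] for i in range(0, len(_record), 255))

if __name__ == "__main__":
    print(check_dkim_record(SAMPLE_RDATA, SAMPLE_KEY) or "record matches")
```

In practice, pass the TXT answer returned for <selector>._domainkey.<your domain> as the first argument and the key copied from the Admin UI as the second.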


Once the DNS record is configured, enable DKIM in the MailGate Admin UI and choose the Sending Connection Policies for which DKIM should be used.