Skip to main content
All CollectionsGetting StartedConfiguration
Microsoft: Updating your DNS with DKIM & SPF criteria
Microsoft: Updating your DNS with DKIM & SPF criteria

This article will show you how to create your DKIM to update your DNS

Rob Ward avatar
Written by Rob Ward
Updated over a year ago

Step 1. When logged in to Microsoft, click on the DKIM page

Select the domain you wish to configure and if no DKIM there.

Step 2: Click Create DKIM keys. You will see a pop-up window stating that you need to add CNAME records. Copy the CNAMES shown in the pop up window


​

Step 3: Publish the copied CNAME records to your DNS service provider.

On your DNS provider's website, add CNAME records for DKIM that you want to enable. Make sure that the fields are set to the following values for each:

Record Type: CNAME (Alias)

> Host: Paste the values you copy from DKIM page.

Points to address: Copy the value from DKIM page.

TTL: 3600 (or your provider default)

Step 4: Return to DKIM page to enable DKIM.

The toggle to enable DKIM

You will also have to update your Domain Name Service (DNS) record so that you can use Sender Policy Framework (SPF) email authentication with your custom domain in Office 365.

v=spf1 include:spf.protection.outlook.com -all

The example above is the most common SPF TXT record. This record works for just about everyone, regardless of whether your Microsoft datacenter is located in the United States, or in Europe (including Germany), or in another location.

However, if you bought Office 365 Germany, part of Microsoft Cloud Germany, you should use the include statement from line 4 instead of line 2. For example, if you are hosted entirely in Office 365 Germany, that is, you have no on-premises mail servers, your SPF TXT record would include rows 1, 4, and 7 and would look like this:

v=spf1 include:spf.protection.outlook.de -all

Finally, here is a help document on how to ensure your DMARC is correctly configured.


​

Did this answer your question?