Setup Office 365 DKIM for Enhanced Email Security
Need IT Support? Visit support.itofus.com and Open a Ticket.
One-Time Machine Setup:
Open Power Shell
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine
[A]
Install-Module -Name PowerShellGet -Force
[Y]
Install-Module -Name ExchangeOnlineManagement
[A]
Connect
Connect-ExchangeOnline
Generate DKIM
New-DkimSigningConfig -DomainName <domain> -Enabled $false
Get-DkimSigningConfig -Identity <domain> | Format-List Selector1CNAME, Selector2CNAME
Create CNAME DNS Records on DNS Provider
Name: selector1._domainkey
Value: OUTPUT of Get-DkimSigningConfig for SELECTOR1:
Name: selector2._domainkey
Value: OUTPUT of Get-DkimSigningConfig for SELECTOR2:
Wait for DNS Replication (~15 Mins on Cloudflare)
Enable DKIM
Set-DkimSigningConfig -Identity <domain> -Enabled $true
Upgrade 1024-bit keys to 2048-bit DKIM
Rotate-DkimSigningConfig -KeySize 2048 -Identity <domain>
References
https://docs.microsoft.com/en-us/office365/enterprise/powershell/connect-to-all-office-365-services-in-a-single-windows-powershell-window
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/use-dkim-to-validate-outbound-email?view=o365-worldwide