9.9 Configuring DKIM

MailMarshal can sign and validate messages with DomainKeys Identified Mail (DKIM). Signing can be controlled by policy, and validation results can be used in policy conditions.

To use DKIM for received messages you must enable message validation. To use DKIM for sending from local domains, you must enter key information for each local domain and then add a rule to apply signatures.

To configure DKIM validation:

1.In the left pane of the Management Console click System Configuration.

2.From the right pane menu expand Receiver Properties and select DKIM.

3.To enable DKIM validation, check the box Enable DKIM Detection. To disable the feature, clear the box.

4.To apply the changes, commit the configuration.

To configure DKIM keys for local domains:

1.In the left pane of the Management Console click System Configuration.

2.In the right pane, click Local Domains. Select a domain, and then click Edit.

3.Click the DKIM tab.

4.Click Add to generate or import a key, and select appropriate settings. For details, see Help.

Information 

Note: Keep a copy of the key file in a secure location. DKIM signing keys are not included in the MailMarshal configuration backup.

5.Ensure that you have published a DNS TXT record that includes the related public key. The DKIM Key window provides the appropriate record text for the key.

Information 

Note: The TXT record will have a name like selectorname._domainkey.domain.TLD (for example, 20190822._domainkey.example.com).

For more information about creating and publishing keys for DKIM, see Trustwave Knowledge Base article Q20841.

dkim-local-domain.png 

6.To sign messages, once the DKIM key is created and published, use a Content Analysis Rule to apply the DKIM signature. See “Apply DKIM signature”.

Trustwave MailMarshal 10.2.5 User Guide August 2024
< Previous Section   |   Next Section >
Full document: see MailMarshal Documentation.