DKIM setup for office365

DKIM setup for office365

Enabling DKIM for o365

In order to DKIM sign your custom domain emails, you will need to complete the following steps:

  1. Sign in to Office 365 using your admin account and choose Admin

  2. Once in the Admin center, expand Admin centers and choose Exchange.

  3. Go to protection > DKIM

  4. Select the domain for which you want to enable DKIM and click on Enable. Repeat this step for each custom domain.

If you haven't created the relevant CNAME records, below are a few steps for creating a CNAME

Creating the CNAME records


The CNAME records are used to map an alias name to the true or canonical domain name. In essence, when you provision a new domain name in Office 365 you will need to create two CNAME records for it so that it points to your initial domain. Here is an example:


We will use as our initial domain, also called the tenant domain. But we actually own and after we provide it in Office 365 we need to publish the two CNAME records so that points to using the format below.


In our example the CNAME DNS records will look like this:



Host: selector1._domainkey




Host: selector2._domainkey




Please pay close attention to the domainGUID which does not use a full stop "." but a hyphen "-" instead. This is taken from the MX record of your custom domain, in this case,


The CNAME record value syntax will also show up when you click on Enable DKIM from your Exchange admin center: 


The reason behind the two CNAME records is because Microsoft rotates the two keys for added security.


Enabling DKIM signing

Once you have added the CNAME records (two per domain) DKIM signing can be enabled through the Office 365 admin center. 


For more information, refer to this article.

    • Related Articles

    • DKIM Setup for Amazon SES

      When you set up Easy DKIM for an identity, Amazon SES automatically adds a 1024-bit DKIM key to every email that you send from that identity. You can configure Easy DKIM by using the Amazon SES console, or by using the API. When you successfully ...
    • How to setup DKIM for SendGrid?

      Enabling DKIM for Sendgrid  In order to enable DKIM for SendGrid go through the following steps: Login to your SendGrid account Go to Settings > Sender Authentication > Authenticate Your Domain by clicking on Get Started Now choose your DNS Host ...
    • How to setup DKIM for Salesforce?

      If you want to allow Salesforce to send email on behalf of your domain, setting up DKIM in your DNS is essential. Your email deliverability is directly impacted in case you skip the process of configuring DKIM. Moreover, the chances of your email ...
    • How to setup DKIM for Zoho Mail?

      This article will be covering the steps to successfully setup DKIM for Zoho Mail. Setting up DKIM for Zoho will significantly improve the domain reputation among ISPs. The authentication method also aims to offer a secure email channel for ...
    • DKIM setup for G suite / Google Workspace

      Steps to Setup DKIM for Google Workspace (G Suite)  Sign in to your Google Admin console (at with super administrator privileges  Go to Apps > Google Workspace > Gmail.  Click Authenticate email.  Your primary domain is selected by ...