
DKIM Behavior on non signed Mails when DKIM Key publication in DNS

mailsecurity
Level 1

Hi - we want to set up DKIM for outgoing mail traffic step by step.

We have created a DKIM key and integrated it on the ESA (Signing Profiles, Signing Keys..).
DKIM signing is not yet enabled on the Mail Flow Policy for outgoing mails.
Next we plan to publish the DKIM public key in Internet DNS.

Question - As long as we do not sign outbound on the ESA DKIM yet:
Does publishing DKIM key have consequences on non-signed mail?
We have no experience with how remote MTAs handle mails when

  • DKIM incoming check is enabled (Receiver)
  • DKIM key is published (by us)
  • Sending mail is not signed (by us or 3rd Party Service)

Thanks for experience!!!!

2 Replies

The recipient system won't go looking for your DKIM records until you start signing mail.

For new DNS entries, generally you just need to give your DNS provider enough time to replicate your new record before you start signing. This is probably just a few minutes at most.

As a rule of thumb, you can publish your DKIM records, and then use dig or nslookup pointed at Google (8.8.8.8) or Cloudflare (1.1.1.1) to look up your record. As soon as they return it, you can start signing mail.
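The lookup described in the reply above, as an added example that is not part of the original reply: it queries both public resolvers for the selector record and checks that what comes back is a usable DKIM key record, including the case where `dig` prints a long key as several quoted chunks. The function names are hypothetical, the selector and domain are supplied by the operator as arguments, and the sample record is constructed.

```shell
#!/usr/bin/env bash
# Constructed sample: a truncated key split into two quoted chunks,
# the way `dig +short TXT` prints records longer than 255 bytes.
SAMPLE_SPLIT='"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A" "MIIBCgKCAQEA"'

# Join the quoted chunks of one TXT record into a single string.
join_txt() {
  printf '%s' "$1" | sed -e 's/" *"//g' -e 's/^"//' -e 's/"$//'
}

# Print the value of one tag from a DKIM tag list (RFC 6376: tag=value; ...).
dkim_tag() {
  printf '%s' "$1" | tr ';' '\n' \
    | sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" \
    | head -n 1 | tr -d '[:space:]'
}

# Return 0 for a usable DKIM key record; otherwise print the reason, return 1.
dkim_record_ok() {
  local rec v k p
  rec=$(join_txt "$1")
  [ -n "$rec" ] || { echo "no TXT record returned"; return 1; }
  v=$(dkim_tag "$rec" v); k=$(dkim_tag "$rec" k); p=$(dkim_tag "$rec" p)
  # v= is optional, but when present it must be DKIM1.
  [ -z "$v" ] || [ "$v" = "DKIM1" ] || { echo "unexpected v=$v"; return 1; }
  # An empty p= marks a revoked key; receivers treat signatures as failed.
  [ -n "$p" ] || { echo "p= missing or empty (revoked key)"; return 1; }
  printf '%s' "$p" | grep -Eq '^[A-Za-z0-9+/]+={0,2}$' \
    || { echo "p= is not base64"; return 1; }
  echo "ok k=${k:-rsa}"   # k= defaults to rsa when absent
}

# Ask both resolvers named in the reply and validate each answer.
check_resolvers() {   # usage: check_resolvers <selector> <domain>
  local r out rc=0
  for r in 8.8.8.8 1.1.1.1; do
    out=$(dig +short TXT "$1._domainkey.$2" "@$r")
    printf '%s: ' "$r"
    dkim_record_ok "$out" || rc=1
  done
  return $rc
}

# Run the live check only when a selector and domain are given.
if [ "$#" -eq 2 ]; then check_resolvers "$1" "$2"; fi
```

Run it with the selector and domain from the ESA signing profile; a non-zero exit means at least one resolver does not yet return a valid record.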

mailsecurity
Level 1

THX Ken!!