Setup DKIM with Exchange 2013/2016 Inhouse Server
-
We were requested to Setup DKIM on a Microsoft Exchange 2016 Server and since Microsoft doesn't include DKIM as part of the Exchange Inhouse Server we needed to rely on a DKIM Signer tool. We found an opensource tool and that works with Exchange. In this case we are using the https://github.com/Pro/dkim-exchange project.
Installation
1- Download the Latest Package to the Exchange Server- https://github.com/Pro/dkim-exchange/releases/latest (Select the Configuration.DkimSigner.zip file)
2- Once Downloaded it Extract the Zip File to any folder you want on the Exchange Server.
3- Run the Configuration.DkimSigner.exe from the Extracted files.
4- Once it opens, wait until your see the Install option available and click on it.
5- Let the installer finish and Close it.
Now to Configure the Application
1- Go to the C:\Program Files\Exchange DkimSigner folder
2- Run the Configuration.DkimSigner.exe application
3- Click the Configure Button
4- Move up the "Exchange DKIMSigner" Transport Agent
5- Press Close.
6- Go to the DKIM Settings and set the "Header Canonicalization & Body Canonicalization" Options as Relaxed
7- Then press the "Save Configuration" button
8- Go to the "Domain settings Tab" and press the "Add" button
9- Enter your domain name and set your Selector (DKIM record selector)
10- Press the "Generate new key" button
11- You will be prompted to save your Key on the Server (The default save locations is "C:\Program Files\Exchange DkimSigner\keys")
12- Press Save.
13- Created your DKIM DNS records based on the "Suggested DNS Name" and "Suggested DNS record"
14- Press the "Save Domain Button"
15- Go to the Information Tab and Press the Restart Button under the "Transport Service Status"
Once the service restarts then your emails will be signed . Use a DKIM validator or other method to confirm your DKIM emails are signed. Also don't forget to setup your DMARC DNS record. (You can use MXtoolbox for that - https://mxtoolbox.com/DMARCRecordGenerator.aspx)