Email Security/Exchange Online - Ensure That DKIM Is Enabled For All Exchange Online Domains

Summary DKIM should be used along with SPF and DMARC to prevent spoofers from sending messages that look like they are coming from your domain. Reason If DKIM is enabled with Office 365, then, the messages that are sent from Exchange Online will be cryptographically signed. This will allow the receiving email system to validate that the messages are generated by a server authorized by the organization and not being spoofed. What If? Although, setting up DKIM will not affect anything, but, the organizations must ensure appropriate setup to ensure continuous mail-flow. How to? To setup DKIM records, first add the records to the DNS system, for each domain in Exchange Online that you plan to use to send email with: After creating the DNS records, enable DKIM signing in the Office 365 Admin Portal. Launch the Security Admin Center. Under E-mail & Collaboration navigate to Policies & rules > Threat policies. Now, under Rules pick DKIM. After that, click on each domain and cl