{"id":517,"date":"2017-03-11T13:44:36","date_gmt":"2017-03-11T18:44:36","guid":{"rendered":"http:\/\/www.amixa.com\/blog\/?p=517"},"modified":"2017-03-11T13:44:36","modified_gmt":"2017-03-11T18:44:36","slug":"adding-dkim-records-to-kerio-connect","status":"publish","type":"post","link":"https:\/\/www.amixa.com\/blog\/2017\/03\/11\/adding-dkim-records-to-kerio-connect\/","title":{"rendered":"Adding DKIM records to Kerio Connect"},"content":{"rendered":"<p>If you want to implement DKIM (signed email) to your Kerio Connect setup, here&#8217;s the easy way.<\/p>\n<p>Start by reading these links<\/p>\n<p><a href=\"http:\/\/kb.kerio.com\/product\/kerio-connect\/server-configuration\/security\/authenticating-messages-with-dkim-1482.html\" target=\"_blank\">Kerio link 1<\/a><\/p>\n<p><a href=\"http:\/\/kb.kerio.com\/product\/kerio-connect\/server-configuration\/security\/configuring-dns-for-dkim-1483.html\" target=\"_blank\">Kerio link 2<\/a><\/p>\n<p>The following setup is for Kerio Connect 9.x, and Windows Server 201X DNS server<\/p>\n<ol>\n<li>Make sure your email server is properly connected to a good public DNS server, such as Google (8.8.8.8 and 8.8.4.4.)<\/li>\n<li>Go to Kerio Connect, Configuration, Domains.<\/li>\n<li>Click SHOW PUBLIC KEY and copy it.<\/li>\n<li>paste it into notepad.\u00a0 We&#8217;ll need to rework it a bit to be compatible with Windows DNS.\u00a0 Note:\u00a0 Windows DNS limits the length of one single string of characters, so we&#8217;ll need to split it into several lines.<\/li>\n<li>Reformat it like this.\u00a0 Break it into even lines, around 100 characters each.\u00a0 The exact length doesn&#8217;t matter.\u00a0 Just do it evenly, hit enter at each breakpoint.<\/li>\n<li>\u00a0NOTE:\u00a0 make SURE there is a SPACE between the semicolon and the p\n<ol>\n<li>as in v=DKIM1; p=xxxx<\/li>\n<\/ol>\n<\/li>\n<li>example properly reformatted<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-519\" src=\"http:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim-1-1024x116.jpg\" alt=\"\" width=\"860\" height=\"97\" srcset=\"https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim-1-1024x116.jpg 1024w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim-1-300x34.jpg 300w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim-1-768x87.jpg 768w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim-1.jpg 1312w\" sizes=\"auto, (max-width: 860px) 100vw, 860px\" \/><\/li>\n<li>Copy this reformatted string<\/li>\n<li>Go to the domain in your Windows DNS server.\u00a0 For example, if your domain is mydomain.com go to that domain in the DNS Server management console.<\/li>\n<li>right click, other records, add TXT record<\/li>\n<li>Record name is:\u00a0 mail._domainkey<\/li>\n<li>after you enter that, you will see the FQDN look like this:\n<ol>\n<li>mail._domainkey.mydomain.com<\/li>\n<\/ol>\n<\/li>\n<li>Paste the string from #7 above into the text box, as-is.<\/li>\n<li>Hit ok and save that change.<\/li>\n<li>repeat this for any other domain.\u00a0 On Kerio Connect, all the domains on the one email server use the exact same DKIM keys.<\/li>\n<li>Now we are going to test the DKIM record to make sure it can be properly read.\n<ol>\n<li>go to <a href=\"https:\/\/mxtoolbox.com\/\" target=\"_blank\">https:\/\/mxtoolbox.com\/<\/a><\/li>\n<li>type in your domain<\/li>\n<li>hit check MX<\/li>\n<li>when that completes (successfully), change the drop down to &#8220;DKIM Lookup&#8221;\n<ol>\n<li>type in your full DKIM string:<\/li>\n<li>mail._domainkey.mydomain.com.<\/li>\n<\/ol>\n<\/li>\n<li>Run the DKIM Lookup<\/li>\n<li>You should see a successful test, and your report should look just like this:<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-521 size-large\" src=\"http:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim3-1024x507.jpg\" alt=\"\" width=\"860\" height=\"426\" srcset=\"https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim3-1024x507.jpg 1024w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim3-300x149.jpg 300w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim3-768x380.jpg 768w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim3.jpg 1624w\" sizes=\"auto, (max-width: 860px) 100vw, 860px\" \/><\/li>\n<li>if it doesn&#8217;t look like this, then you did something wrong with your TXT record creation, or you forgot to put the entire DKIM key in the lookup.<\/li>\n<li>Since all is well, proceed.<\/li>\n<\/ol>\n<\/li>\n<li>next, go back to Kerio Connect.<\/li>\n<li>while still on the domain, check the checkbox to enable DKIM<img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-520 size-medium\" src=\"http:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim2-300x75.jpg\" alt=\"\" width=\"300\" height=\"75\" srcset=\"https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim2-300x75.jpg 300w, https:\/\/www.amixa.com\/blog\/wp-content\/uploads\/2017\/03\/dkim2.jpg 727w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/li>\n<li>If the DNS on your email server is setup properly, and it is communicating properly to your DNS server, you should see the box above.\n<ol>\n<li>If you see a message &#8220;DKIM public key not found in public DNS&#8221;<\/li>\n<li>try restarting KMS<\/li>\n<li>Try going to a command prompt and ipconfig \/flushdns<\/li>\n<\/ol>\n<\/li>\n<li>Presuming that you do see the proper message in #18 above, we now need to do a test email to verify everything is working.<\/li>\n<li>Go to <a href=\"http:\/\/www.appmaildev.com\/en\/dkim\" target=\"_blank\">http:\/\/www.appmaildev.com\/en\/dkim<\/a><\/li>\n<li>click next step<\/li>\n<li>the site will generate an email address<\/li>\n<li>copy this email address and send a blank email to that address FROM AN EMAIL ACCOUNT ON THE DOMAIN you setup with DKIM above.<\/li>\n<li>Wait for the site to receive the email and generate it&#8217;s report (a few seconds)<\/li>\n<li>you should see DKIM = PASS<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p>While you&#8217;re at it, don&#8217;t forget to create SPF and DMARC records for your domain to cover all the bases.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you want to implement DKIM (signed email) to your Kerio Connect setup, here&#8217;s the easy way. Start by reading these links Kerio link 1 Kerio link 2 The following setup is for Kerio Connect 9.x, and Windows Server 201X DNS server Make sure your email server is properly connected to a good public DNS server, such as Google (8.8.8.8<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,22],"tags":[20,18,8],"class_list":["post-517","post","type-post","status-publish","format-standard","hentry","category-random-bits","category-windows-server","tag-email","tag-email-server","tag-microsoft-windows-server"],"_links":{"self":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/comments?post=517"}],"version-history":[{"count":1,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/517\/revisions"}],"predecessor-version":[{"id":522,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/posts\/517\/revisions\/522"}],"wp:attachment":[{"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/media?parent=517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/categories?post=517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.amixa.com\/blog\/wp-json\/wp\/v2\/tags?post=517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}