Open utterances-bot opened 3 years ago
Superb guide & relevant as ever, used on Server Core 2019 with Exchange 2019! On Server Core, it bugs out when you try and generate or select key, however, and you need to install the Server Core App Compatibility Feature on Demand (FOD) first, then you're in business. I successfully setup SPF, DKIM & DMARC in a day, thanks in part to this.
It'd be worth adding a follow-up DMARC article, to tie it all together.
Thank you so very much! This was the most helpful step-by-step instructions I found.
Excellent article. Successfully installed it on Exchange 2016 Edge server with multiple domain names.
@inferKNOX Thanks for the tip regarding Server Core App Compatibility Feature on Demand (FOD). đź‘Ť
Yes. A DMARC/SPF follow up is a good idea. Will have that up soon.
Great walkthrough! Works fantastic on Exchange 2013. Thank you!
hi, how do I copy the configuration to the second(ary) Exchange Servers?? Or I don't, instead, create key2_2017??
also, how do I find out the expiration of the keys? I suppose if the keys failed, email messages would just became "DKIM failed"...it would be nice to be on top of this as well...
Hi good day. For example, in my environment I have two mail servers, should I install the program on both servers and create two txt records in my dns? or with a registry that is married to my domain enough?
We use DNS with a mail DNS entry with the IP addresses of both exchange servers.
Internal DNS example: mail.mydomain.com resolves to: 192.168.1.1 (exchange #1) & 192.168.1.2 (exchange #2) External DNS: mail.mydomain.com resolves to my pubic IP address
I installed the program on both servers with the same key.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Tracy Garner Network Administrator
City of West University Place 3826 Amherst, West University Place, TX 77005 Tel 713.662.5399
[City of West U]http://www.westutx.gov/[Facebook]http://www.facebook.com/CityofWestUniversityPlaceTX[Twitter]http://twitter.com/CityofWestU
ATTENTION PUBLIC OFFICIALS: This email, plus any attachments, may constitute a public record of the City of West University Place and may be subject to public disclosure under the Texas Public Information Acthttp://www.statutes.legis.state.tx.us/Docs/GV/htm/GV.552.htm. A "reply to all" of this e-mail could lead to violations of the Texas Open Meetings Acthttp://www.statutes.legis.state.tx.us/SOTWDocs/GV/htm/GV.551.htm. Please reply only to the sender.
From: ArlethKarinaAcosta notifications@github.com Sent: Thursday, March 4, 2021 10:14 AM To: colinwilson/comments comments@noreply.github.com Cc: Tracy Garner tgarner@westutx.gov; Comment comment@noreply.github.com Subject: Re: [colinwilson/comments] Setting up DKIM for Exchange Server (#6)
CAUTION: This email originated from outside your organization. Exercise caution when opening attachments or clicking links, especially from unknown senders.
Hi good day. For example, in my environment I have two mail servers, should I install the program on both servers and create two txt records in my dns? or with a registry that is married to my domain enough?
— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/colinwilson/comments/issues/6#issuecomment-790735181, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASLHMLR2CN55KYCYFKBDQ7TTB6WVZANCNFSM4VTASQCA.
Many thanks for the article... it's one thing to sit and fiddle-fart to figure things out in a lab, but when you need to add to production right away, it's nice to have someone who has walked through it like this! So - thanks!
Quick question, before I add any more domains.
The changing of the order of processing - the app install/configure "hint", says that DKIM signing should have the LOWEST priority, where you have suggested it should be in the top 3, or preferred at #1. I have taken your advice, and put it at #1, but wanted to ask...
Thanks! Andrew
Is this version (3.3.2) OK for Exchange 2010? COVID put a hamper on our revenue/spending at the moment and I'm trying to get rid of "you are SPAM" on some of our emails going out. Need to add DKIM... I have SPF. Thanks ....
@AKPTN There were issues in previous versions with the transport service not starting/crashing when installed on Ex2010. AFAIK this issue still persists in later versions (≥3.0.12). So no, I don't think 3.3.2 is compatible unfortunately.
Thanks Colin.. Hmmm - anyone know where there is a stable one for EX 2010? I believe AdminSystems isn't even updating for 2010 anymore ..
And sorry, I can’t be much help…. Only using it (successfully) on 2016.
Setup a quick lab machine, and try? :-)
Andrew
From: Colin Wilson @.> Sent: July 27, 2021 5:18 PM To: colinwilson/comments @.> Cc: Andrew Bienhaus @.>; Comment @.> Subject: Re: [colinwilson/comments] Setting up DKIM for Exchange Server (#6)
@AKPTNhttps://github.com/AKPTN There were issues in previous versions with the transport service not starting/crashing when installed on Ex2010. AFAIK this issue still persists in later versions (≥3.0.12). So no, I don't think 3.3.2 is compatible unfortunately.
— You are receiving this because you commented. Reply to this email directly, view it on GitHubhttps://github.com/colinwilson/comments/issues/6#issuecomment-887841605, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AL4JCWXSQQSX4K76BE2ERJTTZ4PA7ANCNFSM4VTASQCA.
@AndrewBienhaus Sorry, I've only now seen your comment:
The changing of the order of processing - the app install/configure "hint", says that DKIM signing should have the LOWEST priority, where you have suggested it should be in the top 3, or preferred at #1. I have taken your advice, and put it at #1
I think I'm wrong and the app advice is correct! Will check and update the article accordingly. Thanks for bringing attention to this đź‘Ť.
Do me a favor? Reply again once you’ve figured it out for sure, and I’ll dive back in and make sure I’ve got mine set correctly after you’ve checked it out. :-)
From: Colin Wilson @.> Sent: Tuesday, July 27, 2021 6:06:55 PM To: colinwilson/comments @.> Cc: AndrewBienhaus @.>; Mention @.> Subject: Re: [colinwilson/comments] Setting up DKIM for Exchange Server (#6)
@AndrewBienhaushttps://github.com/AndrewBienhaus Sorry, I've only now seen your comment:
The changing of the order of processing - the app install/configure "hint", says that DKIM signing should have the LOWEST priority, where you have suggested it should be in the top 3, or preferred at #1. I have taken your advice, and put it at #1
I think I'm wrong and the app advice is correct! Will check and update the article accordingly. Thanks for bringing attention to this đź‘Ť.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHubhttps://github.com/colinwilson/comments/issues/6#issuecomment-887865970, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AL4JCWQGK2MLP4ZFDKAYQITTZ4UX7ANCNFSM4VTASQCA.
Anyone that can lead me to find DKIM for ex2010?
@AndrewBienhaus
Do me a favor? Reply again once you’ve figured it out
Will do đź‘Ť.
thank you so much for the walkthrough for config. extremely helpful! not sure why they chose not to include these details in their wiki
Anyone can help me what if I have two exchange servers? Do I need to generate two keys separately for each servers ?
Is there a free tool to check inbound emails ?
What if one Exchange 2016 server host more than 1 mail domain? Just adding them one after one and the domain which is added also add the DNS TXT-record. The other domains which are not added will keep working without DKIM? Thanks for your feedback.
I did the same configuration and no go on Exchange 2016 CU23 Win 2012 R2 DKIM Signer 3.4.0
"Click Configure and move the priority of the DkimSigner Agent up to at least 3, if not 1 (This is to prevent other agents from potentially interfering with the headers), and then click Close" Other articles are recommending it to be at the end
When I test using mxtoolbox or DKIMvalidator sites I get that the check is passed! any idea why this is happening?
Thanks in advance
Setting up DKIM for Exchange Server
Setup DKIM for Exchange Server
https://colinwilson.uk/2017/07/19/setting-up-dkim-for-exchange-server/