This help section describes the DKIM test and the related settings available under the page in the navigation.
DomainKeys Identified Mail (DKIM) is a crypthograhic approach to email authentication that allows senders to sign outbound emails with a digital signature which then can be verified by recipients using the public key DNS record of the sending domain. Succesful verification of the signature proves that the email has not been altered in transit.
Enable this test on perimeter servers only. Mail transfer agents, including Microsoft® Exchange, may rewrite parts of the message header and/or body before forwarding the email to the next hop device which can break the DKIM signature and cause false positives.
Click the Settings button to configure the DKIM test feature of ORF. More information is available in the DKIM Settings section.
Click the Configure button of the User-Defined DKIM Blacklist group. Use this test to blacklist emails that are signed by specific signers.
Visit the DKIM website at http://www.dkim.org/.
Please visit the DKIM website to learn more about publishing learn more about publishing a DKIM record for your domain.
ORF implements RFC6376, RFC8301 published in September 2018. As of writing this, RFC6376 is latest version of the DKIM standard.
The optional Authentication-Results header field is not appended to emails. ORF does not sign outbound messages.