Getting Exchange to do DKIM

Question

Having read Jeff's blog post about Email and DKIM, I'm thinking it might be good to DKIM all mail coming out of our Exchange 2003 servers. Whats a good way of going about that?

icky3000 · Accepted Answer · 2010-04-23 14:03:08Z

5

No version of Exchange supports DKIM. Microsoft has put their support behind SPF/SenderID instead. There are a couple third-party products that can be added to Exchange to do DKIM (like this, for instance) but I personally wouldn't run that stuff on any of my Exchange servers. The more common approach is to have another server (or servers) sitting between Exchange and the internet running a more secure MTA that can do the DKIM for you.

answered Apr 23, 2010 at 14:03

icky3000

4,9381 gold badge22 silver badges15 bronze badges

6

While I agree with you on your DKIM statements, I disagree with your insinuation that Exchange's MTA isn't secure. It's not the MTA that's insecure it's the admins who don't configure Exchange correctly that makes it insecure.
– joeqwerty
Commented Apr 23, 2010 at 14:50
5

Too bad about Microsoft's attitude on this, as things like SPF and DKIM are complementary, not in opposition. Quite simply, having both lowers the spam score more than having just one of them on all the test systems I've seen so far, as well as the production spam filters I've looked at.
– John Gardeniers
Commented Apr 28, 2010 at 12:17
@joequerty Why does microsoft recommend the use of edge transport server?
– 93196.93
Commented Apr 10, 2012 at 10:22

Add a comment |

Stefan Profanter · Accepted Answer · 2017-04-05 09:40:34Z

9

I wrote an open source DKIM signing module for Exchange 2007, 2010, 2012, and 2016: https://github.com/Pro/dkim-exchange

We are using it now for a few months and didn't have any problems yet.

edited Apr 5, 2017 at 9:40

answered Apr 8, 2013 at 19:10

Stefan Profanter

3651 gold badge6 silver badges17 bronze badges

Add a comment |

Tory Netherton · Accepted Answer · 2012-09-04 17:10:57Z

3

I have an open source version of a DKIM signing transport agent for Microsoft Exchange hosted on BitBucket here. It only works on Exchange 2007 at the moment, although it could easily be adapted to work on later versions. Unfortunately 2003 can't be helped because there is no ability to write your own transport agents on it.

answered Sep 4, 2012 at 17:10

Tory Netherton

1614 bronze badges

1

UPDATE: I highly recommend using the project mentioned by Probot (github.com/Pro/dkim-exchange) instead of that little one I made.
– Tory Netherton
Commented Jul 2, 2014 at 19:29

Add a comment |

Daniel Chan · Accepted Answer · 2014-01-19 08:31:11Z

0

tried this one (EA DomainKeys/DKIM for Exchange Server and IIS SMTP Service), its working though it is not free.

answered Jan 19, 2014 at 8:31

Daniel Chan

1

Add a comment |

Stack Exchange Network

Getting Exchange to do DKIM

4 Answers 4

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
exchange
exchange-2003
dkim
domainkeys
.

Hot Network Questions

Getting Exchange to do DKIM

4 Answers 4

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged exchangeexchange-2003dkimdomainkeys.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
exchange
exchange-2003
dkim
domainkeys
.