Valimail

This article covers the SPF and DKIM authentication processes for OCLC and how they are managed in Valimail. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.

Configuring DKIM authentication for your OCLC emails

Make a CNAME record pointing to the illiad1.illiad.oclc.org txt record, which has the DKIM keys you will need. This needs to be created by your DNS administrator in your domain's DNS records. The  “illiad1._domainkey.inst.name” (ex: illiad1._domainkey.SchoolorLibraryName.edu) pointing to illiad1.illiad.oclc.org

<a href="https://help-nl.oclc.org/Resource_Sharing/ILLiad/Troubleshooting/What_should_we_add_to_our_SPF_record_for_emails_coming_from_OCLC" rel="nofollow noopener noreferrer" target="_blank">Add ILLiad.oclc.org to your SPF record</a>. The combination of DKIM and SPF alignment will result in DMARC compliance. The selector in the DKIM record is illiad1.

Close ILLiad, reopen it, and try to resend an email notification. Let <a href="https://help-nl.oclc.org/Librarian_Toolbox/Contact_OCLC_Support/Contact_OCLC_Support_in_your_region" rel="nofollow noopener noreferrer" target="_blank">OCLC Support</a> know if the issue is not resolved.

1. Make a CNAME record pointing to the illiad1.illiad.oclc.org txt record, which has the DKIM keys you will need. This needs to be created by your DNS administrator in your domain's DNS records. The “illiad1._domainkey.inst.name” (ex: illiad1._domainkey.SchoolorLibraryName.edu) pointing to illiad1.illiad.oclc.org
2. <a href="https://help-nl.oclc.org/Resource_Sharing/ILLiad/Troubleshooting/What_should_we_add_to_our_SPF_record_for_emails_coming_from_OCLC" rel="nofollow noopener noreferrer" target="_blank">Add ILLiad.oclc.org to your SPF record</a>. The combination of DKIM and SPF alignment will result in DMARC compliance. The selector in the DKIM record is illiad1.
3. Close ILLiad, reopen it, and try to resend an email notification. Let <a href="https://help-nl.oclc.org/Librarian_Toolbox/Contact_OCLC_Support/Contact_OCLC_Support_in_your_region" rel="nofollow noopener noreferrer" target="_blank">OCLC Support</a> know if the issue is not resolved.

If the above solution is not possible, or you need email to work again quickly, then you can do the following:

Open the Customization Manager and search for the EMailFromAddress and DocDelEmailFromAddress keys.

Set them to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> so that the email notifications come from our domain.

Inside the email, you can let the patrons know how to reply to you with any questions (email, phone, etc).

If you have any EmailRouting rules, you will need to update the DefaultEMailAddress to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> for any record under the ProcessType of Doc Del or Borrowin

Check the LocalInfo table for email addresses and update them to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> as needed.

Please contact <a href="https://help-nl.oclc.org/Librarian_Toolbox/Contact_OCLC_Support/Contact_OCLC_Support_in_your_region" rel="nofollow noopener noreferrer" target="_blank">OCLC Support</a> to let us know that youneed DKIM signing. We need the domain that the emails are coming from (ex. <a href="mailto:student@schoolname.edu" rel="nofollow noopener noreferrer" target="_blank">student@schoolname.edu</a>).

1. Open the Customization Manager and search for the EMailFromAddress and DocDelEmailFromAddress keys.
2. Set them to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> so that the email notifications come from our domain. 
3. Inside the email, you can let the patrons know how to reply to you with any questions (email, phone, etc).
4. If you have any EmailRouting rules, you will need to update the DefaultEMailAddress to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> for any record under the ProcessType of Doc Del or Borrowin
5. Check the LocalInfo table for email addresses and update them to <a href="mailto:donotreply@oclc.org" rel="nofollow noopener noreferrer" target="_blank">donotreply@oclc.org</a> as needed.
6. Please contact <a href="https://help-nl.oclc.org/Librarian_Toolbox/Contact_OCLC_Support/Contact_OCLC_Support_in_your_region" rel="nofollow noopener noreferrer" target="_blank">OCLC Support</a> to let us know that youneed DKIM signing. We need the domain that the emails are coming from (ex. <a href="mailto:student@schoolname.edu" rel="nofollow noopener noreferrer" target="_blank">student@schoolname.edu</a>).

You can also find the instructions on how to set up DKIM and SPF for OCLC, <a href="https://help-nl.oclc.org/Resource_Sharing/ILLiad/Troubleshooting/Does_ILLiad_Support_the_DMARC_Process_using_DKIM_for_EMail_Notifications" rel="nofollow noopener noreferrer" target="_blank">here</a>.

You can find more detailed information on how to add a DKIM key in Valimail, here:

Configuring SPF authentication for your OCLC emails

Once you establish that OCLC is an authorized sender for your domain, you will need to add the service in your Enabled Senders.

You will find more detailed information on how to add a service for your domain in Valimail, here:

Note: We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.

Configuring DKIM authentication for your OCLC emails

Add an OCLC DKIM key in Valimail

Configuring SPF authentication for your OCLC emails