This article covers the SPF and DKIM authentication processes for Oracle Right Now and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.
TABLE OF CONTENTS
- Configuring DKIM authentication for your Oracle Right Now emails
- Add an Oracle Right Now DKIM key in Enforce
- Configuring SPF authentication for your Oracle Right Now emails
Configuring DKIM authentication for your Oracle Right Now emails
To enable DKIM for your outbound email using your organization’s domain name in the Friendly From/Branded Address field (email are signed based on the value configured in the outgoing email settings), use the following checklist:
- Submit a service request for this information requesting DKIM signing. Specify the email address you intend on using as the Friendly From/Branded Address in your mailings. Oracle Right Now's standard key length is 1024 bit. If you would like a 2048 bit key please add that information to your request. We recommend you chose the 2048 bit.
- Oracle will generate a public-private key pair for use in signing these messages, and will generate a unique selector that will be used for signing your messages, and will update the incident with the selector in a form suitable for use with BIND DNS servers. If you have multiple domains we can specify a key which can be used for multiple domains on one site.
- Your organization’s IT administrators must add this selector within the domain desired to be signed. If your IT department uses a DNS infrastructure other than BIND, they must consult their documentation or vendors on the appropriate form to be used. Update the incident when this step has been completed. The DKIM key will need to be published in Valimail Enforce.
- Oracle will verify that the DKIM key has been published correctly, and that the published selector in your domain validates against DKIM standards.
- Oracle will configure their mail servers to sign messages matching the domain name portion of your “From:” address, and will close the incident after testing. Subsequently, all your email using that domain name delivered from our hosting environment will contain a DKIM signature. If you have added a domain key for multiple domains then the process repeats with (3) you publishing the key for the new domain, then we will verify (4) and enable (5) the key for that domain on our servers.
You can find more info about the whole DKIM set up process in Oracle Right Now here.
Add an Oracle Right Now DKIM key in Enforce
1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.
a. Scroll down and add the DKIM key in your configuration, by clicking on Add a DKIM key.
b. Enter the selector name, the DKIM TXT value (the actual value is the entire string after the p= tag), associate the key with Oracle Right Now and then click Add.
You can find more detailed information on how to add a DKIM key in Valimail Enforce here.
Configuring SPF authentication for your Oracle Right Now emails
Once you establish that Oracle Right Now is an authorized sender for your domain, you will need to add the service in your Enabled Senders list in Enforce.
1. Please go to your domain's Configuration page in Enforce.
2. Click on the + sign from the Enabled Senders section:
3. Choose Oracle Right Now from the list of configurable senders and then click Enable:
We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.
As always, if you have any questions, please don't hesitate to submit a ticket.