This article covers the SPF and DKIM authentication processes for D2L Brightspace and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.
TABLE OF CONTENTS
- Configuring DKIM authentication for your D2L Brightspace emails
- Add a D2L Brightspace DKIM key in Enforce
- Configuring SPF authentication for your D2L Brightspace emails
Configuring DKIM authentication for your D2L Brightspace emails
Setting up DKIM for D2L Brightspace is fairly easy.
You just need to add 2 CNAME DKIM keys in Valimail Enforce with the following values and selectors:
A private and public domain key pair is required to allow D2L to sign mail sent on your behalf and enable recipients to decode headers and verify the source of the email.
D2L generates the private and public domain key pair and imports it for use in signing email messages sent from the D2L Cloud on behalf of your domain. D2L provides the public DKIM TXT records to your organization for use in creating the corresponding CNAME records.
D2L will rotate the active DKIM keys every six months. When one key is rotated, the second will become active in signing emails, after which the process will repeat at six-month intervals. For organizations that have DKIM keys enabled and are using a custom mail domain, email delivery may be impacted if both required DKIM CNAME records are not in place at the time of rotation.
The service owner of D2L Brighspace within your organization, will need to contact D2L Brighspace to make sure they DKIM record are validated.
You can also find the instructions on how to set up DKIM and SPF in D2L Brightspace here.
Add a D2L Brightspace DKIM key in Enforce
Configuring SPF authentication for your D2L Brightspace emails
We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.