This article covers the SPF and DKIM authentication processes for Trend Micro Email Security and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.


Configuring DKIM authentication for your Trend Micro Email Security emails

The DKIM signing settings apply only to the selected sender domain.

1. Log into your Trend Micro Email Security console.

2. Go to Outbound Protection -> DomainKeys Identified Mail (DKIM) Signing.

3. Click Add.

The Add DKIM Signing Settings screen appears.

4. Select a specific sender domain from the Managed domain drop-down list.

5. Select Enable DKIM signing.

6. Optionally select Sign email messages with no envelope sender addresses.

For email messages with no envelope sender addresses (such as auto-reply messages or bounced messages), Trend Micro Email Security attempts to find the sender domain from the email header From and applies DKIM signing settings of the sender domain.

7. Configure general settings for DKIM signing.

SDID: select a signing domain identifier from the drop-down list.

Selector: selector to subdivide key namespace. Retain the default value.

Headers to sign: select one or multiple headers to sign and customize more headers if necessary.

Wait time: specify how long it takes for a key pair to take effect. Trend Micro Email Security starts to count the wait time once if finds the public key in the DNS.

Key pair: select a key length and click Generate to generate a key pair.

Note: If you are managing DKIM in Valimail for your domain, the DKIM key/s will need to be added in the Configuration page for your domain in Valimail Enforce.

You can also find the instructions on how to set up DKIM and SPF for Trend Micro Email Security, here.

Add a Trend Micro Email Security DKIM key in Enforce

1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.

    a. Scroll down and add the DKIM key in your configuration, by clicking on Add a DKIM key

    b. Enter the selector name, the DKIM TXT value (the actual value is the entire string after the p= tag), associate the key with Trend Micro Email Security and then click Add.

a screenshot of a computer

You can find more detailed information on how to add a DKIM key in Valimail Enforce here. 

Configuring SPF authentication for your Trend Micro Email Security emails

Once you establish that Trend Micro Email Security is an authorized sender for your domain, you will need to add the service in your Enabled Senders list in Enforce.

1. Please go to your domain's Configuration page in Enforce.

2. Click on the + sign from the Enabled Senders section:

a screenshot of a email

3. Choose Trend Micro Email Security from the list of configurable senders and then click Enable:

a screenshot of a computer

We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.

As always, if you have any questions, please don't hesitate to submit a ticket.