This article covers the SPF and DKIM authentication processes for Trend Micro Email Security and how they are managed in Valimail. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.

The DKIM signing settings apply only to the selected sender domain.

1. Log into your Trend Micro Email Security console.

2. Go to Outbound Protection -> DomainKeys Identified Mail (DKIM) Signing.

3. Click Add.

The Add DKIM Signing Settings screen appears.

4. Select a specific sender domain from the Managed domain drop-down list.

5. Select Enable DKIM signing.

6. Optionally select Sign email messages with no envelope sender addresses.

For email messages with no envelope sender addresses (such as auto-reply messages or bounced messages), Trend Micro Email Security attempts to find the sender domain from the email header From and applies DKIM signing settings of the sender domain.

7. Configure general settings for DKIM signing.

SDID: select a signing domain identifier from the drop-down list.

Selector: selector to subdivide key namespace. Retain the default value.

Headers to sign: select one or multiple headers to sign and customize more headers if necessary.

Wait time: specify how long it takes for a key pair to take effect. Trend Micro Email Security starts to count the wait time once if finds the public key in the DNS.

Key pair: select a key length and click Generate to generate a key pair.

Note: If you are managing DKIM in Valimail for your domain, the DKIM key/s will need to be added in the Configuration page for your domain in Valimail Enforce.

You can also find the instructions on how to set up DKIM and SPF for Trend Micro Email Security, here.

You can find more detailed information on how to add a DKIM key in Valimail, here:

Once you establish that Trend Micro Email Security is an authorized sender for your domain, you will need to add the service in your Enabled Senders.

You will find more detailed information on how to add a service for your domain in Valimail, here:

Note: We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.