FortiMail Cloud Email Security DMARC Configuration : Valimail Support

SPF(supported) / (dedicated subdomain)
DKIM(recommended)

This article covers the SPF and DKIM authentication processes for FortiMail Cloud Email Security and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.

TABLE OF CONTENTS

Configuring DKIM authentication for your FortiMail Cloud Email Security emails
Add a FortiMail Cloud Email Security DKIM key in Enforce
Configuring SPF authentication for your FortiMail Cloud Email Security emails

Configuring DKIM authentication for your FortiMail Cloud Email Security emails

In order to sign outgoing mail with DKIM signatures, you must configure the protected domain. In this example, a selector and DKIM key is generated for fortinet.com.

Note that DKIM signing settings only appear when configuring an existing protected domain.

1. Go to Domain & User -> Domain -> Domain and edit an existing profile.

2. Under Advanced Setting, click DKIM Setting.

3. Click New.

4. Enter a name in the New selector field.

Note that the selector name must match its corresponding domain name (in this example, fortinet.com)

5. Set DKIM key to Auto Generation. The key pair will be automatically generated and the public key exported for publication on a DNS server.

6. Click OK.

7. The new selector appears. Select the newly created selector and click Download to download the domain key DKIM file.

a screenshot of a computer

8. From the DKIM Setting window in FortiMail, select the newly created selector and click Activate.

9. Click Close, and click OK.

10. Add the DKIM key on your domain's configuration page in Valimail Enforce.

You can also find the instructions on how to set up DKIM and SPF for FortiMail Cloud Email Security, here.

Add a FortiMail Cloud Email Security DKIM key in Enforce

1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.

a. Scroll down and add the DKIM key in your configuration, by clicking on Add a DKIM key.

b. Enter the selector name, the DKIM TXT value (the actual value is the entire string after the p= tag), associate the key with FortiMail Cloud Email Security and then click Add.

a screenshot of a computer

You can find more detailed information on how to add a DKIM key in Valimail Enforce here.

Configuring SPF authentication for your FortiMail Cloud Email Security emails

Once you establish that FortiMail Cloud Email Security is an authorized sender for your domain, you will need to add the service in your Enabled Senders list in Enforce.

1. Please go to your domain's Configuration page in Enforce.

2. Click on the + sign from the Enabled Senders section:

a screenshot of a email

3. Choose FortiMail Cloud Email Security from the list of configurable senders and then click Enable:

We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.

As always, if you have any questions, please don't hesitate to submit a ticket.