SPF(supported) / (dedicated subdomain) DKIM(recommended)
This article covers the SPF and DKIM authentication processes for FortiMail Cloud Email Security and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.
TABLE OF CONTENTS
- Configuring DKIM authentication for your FortiMail Cloud Email Security emails
- Add a FortiMail Cloud Email Security DKIM key in Enforce
- Configuring SPF authentication for your FortiMail Cloud Email Security emails
Configuring DKIM authentication for your FortiMail Cloud Email Security emails
In order to sign outgoing mail with DKIM signatures, you must configure the protected domain. In this example, a selector and DKIM key is generated for fortinet.com.
Note that DKIM signing settings only appear when configuring an existing protected domain.
1. Go to Domain & User -> Domain -> Domain and edit an existing profile.
2. Under Advanced Setting, click DKIM Setting.
3. Click New.
4. Enter a name in the New selector field.
Note that the selector name must match its corresponding domain name (in this example, fortinet.com)
5. Set DKIM key to Auto Generation. The key pair will be automatically generated and the public key exported for publication on a DNS server.
6. Click OK.
7. The new selector appears. Select the newly created selector and click Download to download the domain key DKIM file.
8. From the DKIM Setting window in FortiMail, select the newly created selector and click Activate.
9. Click Close, and click OK.
10. Add the DKIM key on your domain's configuration page in Valimail Enforce.
You can also find the instructions on how to set up DKIM and SPF for FortiMail Cloud Email Security, here.
Add a FortiMail Cloud Email Security DKIM key in Enforce
Configuring SPF authentication for your FortiMail Cloud Email Security emails
We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.