Email DKIM/DMARC Overview

Digital Key
Click to enlarge

We’ve been fielding more questions lately about email DKIM/DMARC.  You may have already read the CU*Answers Kitchen Page about it.

DMARC is an email anti-spam measure the big email providers like Google and Microsoft are forcing on everyone very quickly.   The basic mile-high overview is that any servers originating bulk email for a domain name must cryptographically DKIM sign each mail that goes out with unique keys for that server. If you have multiple servers/vendors they may each want to have indepedent DKIM keys configured.

The DMARC part means that mail servers receiving mail from your domain reference your DKIM keys configured in your DNS for the specific sending server/vendor and actively confirm if the mail is allowed to be sent based on policy you’ve configured for your domain. is one such vendor that you should probably configure DKIM on, or any other marketing member mail type services/vendors that use your domain’s FROM: address to send.

Our CUA Network Services Team and CU*BASE Programming Team area working on a DKIM project for member mail from the core.

If you need DNS records configured for your Web Services managed domain, please email the specific changes needed in copy/paste-able text format.

Learn More in the CU*Answers Kitchen