Situation:
O365 does offer the ability to create and activate DKIM keys so that they can be added to your SMTP authentication process to ensure deliverability for your email domain.
Solution:
The steps below will direct you and guide you on how to activate DKIM keys in O365 and have them added in DNS or Redsift.
1- Open a browser to admin.microsoft.com and login with a Global Administrator account.
2- Once logged in type DKIM in the search bar at the top of the browser and select DKIM IN MICROSOFT 365 DEFENDER.
3- Once logged in you will find a listing of your domains associated with your O365 tenant.
4- Next locate the domain in question you would like to active DKIM keys for and toggle the DISABLE option to ENABLE.
5- You will presented with a message box that contains the DKIM keys in question.
6- The message box does provide you 2 CNAME records. Those CNAME records are the DKIM keys which are similar to the highlighted entries below.
7 - By default the syntax for these CNAME records would look similar to that indicated below.
CNAME
NAME : VALUE:
selector1._domainkey selector1-yourdomain-com._domainkey.yourdomain.onmicrosoft.com
selector2._domainkey selector2-yourdomain-com._domainkey.yourdomain.onmicrosoft.com
8- Copy both these records and add them to your DNS as CNAME records or in Redsift if you are using Redsift for your Dmarc report analyzer.
9- Once the records have been added in DNS or Redsift, Go back to O365 and attempt to enable the DKIM record by toggling the DISABLE option to ENABLE. It might take a couple of minutes to activate at first.
10- Once activated, the DISABLE toggle will go blue and ENABLED will be displayed.
