Setting up DKIM on an on-premises Exchange server
Posted: Tue Apr 22, 2025 10:31 am
Microsoft Exchange Server is a mail server and calendar server developed by Microsoft. On-premises Exchange Server refers to a server that is set up locally (offline). Microsoft's on-premises Exchange Server does not currently support DKIM signing, so it must be installed externally and set up on the server to ensure that emails are protected with DKIM. Here's how you do it:
Steps to install DKIM for internal servers
Step 1: Download the latest version of DKIM-Exchange from Github
You can download the latest version of the GUI package on Github or buy bulk sms service directly visit this link: https://github.com/Pro/dkim-exchange/releases/latest
Step 2: Unzip on the Exchange server
To begin the installation process, you must unpack and run the DKIM-exchange signer on your Exchange server.
Step 3: Start running Configuration.DkimSigner.exe
To prevent errors, start running Configuration.DkimSigner.exe on the Exchange server. You should see the Exchange DKIM Signer window prompting you to begin the installation.
Step 4: Click Install
Click "Install" in the DKIM-signer section.
After the installation process is complete, click on the Close button.
Steps to configure DKIM for an on-premises server
Step 1: Launch the configuration executable
To begin the configuration process, you need to launch the configuration executable that connects DKIM Signer to the installed graphical user interface.
Internal Exchange Server
Step 2: Move the DKIM Signer priority to 1
In the Exchange DKIM Signer window (Information tab), click Configure, and then click Move Up, and continue to move up the Exchange DKIMSigner priority until it reaches 1.
Step 3: Change the canonicalization of titles and body to loose format
Click the DKIM Settings tab and select the Loose setting for both header and body canonicalization.
Step 4: Generate a new key pair
Open the "Domain Settings" tab, enter the domain name and DKIM selector, and generate a new pair of DKIM keys. Select an appropriate key length (such as 2048 bits), and then click "Generate New Key".
Step 5: Save the key
A new window will open prompting you to save the newly created key to
"C:\Program Files\Exchange DkimSigner\keys".
Step 6: Publish the DKIM DNS TXT record
You need to publish the generated public key on DNS, this is the "Suggested DNS Record" that appears on the signer, and the "Suggested DNS Name" that needs to be published on it.
To check and verify the signature of your on-premises server
Step 1: Click Check
Once the record is published, go to the "Domain Settings" tab and click "Check". This will help the DKIM Signer find your DNS and check the configuration. Once the verification is complete, the results will appear on your screen and you can click "Save Domain" to save your settings.
Step 2: Restart the Exchange Transport service
Return to the "Information" tab and click "Restart".
Step 3: Verify your DKIM internal implementation
Use our free DKIM Checker tool to verify your records and make sure they are functioning properly. This will help you spot errors and fix them immediately.
Steps to install DKIM for internal servers
Step 1: Download the latest version of DKIM-Exchange from Github
You can download the latest version of the GUI package on Github or buy bulk sms service directly visit this link: https://github.com/Pro/dkim-exchange/releases/latest
Step 2: Unzip on the Exchange server
To begin the installation process, you must unpack and run the DKIM-exchange signer on your Exchange server.
Step 3: Start running Configuration.DkimSigner.exe
To prevent errors, start running Configuration.DkimSigner.exe on the Exchange server. You should see the Exchange DKIM Signer window prompting you to begin the installation.
Step 4: Click Install
Click "Install" in the DKIM-signer section.
After the installation process is complete, click on the Close button.
Steps to configure DKIM for an on-premises server
Step 1: Launch the configuration executable
To begin the configuration process, you need to launch the configuration executable that connects DKIM Signer to the installed graphical user interface.
Internal Exchange Server
Step 2: Move the DKIM Signer priority to 1
In the Exchange DKIM Signer window (Information tab), click Configure, and then click Move Up, and continue to move up the Exchange DKIMSigner priority until it reaches 1.
Step 3: Change the canonicalization of titles and body to loose format
Click the DKIM Settings tab and select the Loose setting for both header and body canonicalization.
Step 4: Generate a new key pair
Open the "Domain Settings" tab, enter the domain name and DKIM selector, and generate a new pair of DKIM keys. Select an appropriate key length (such as 2048 bits), and then click "Generate New Key".
Step 5: Save the key
A new window will open prompting you to save the newly created key to
"C:\Program Files\Exchange DkimSigner\keys".
Step 6: Publish the DKIM DNS TXT record
You need to publish the generated public key on DNS, this is the "Suggested DNS Record" that appears on the signer, and the "Suggested DNS Name" that needs to be published on it.
To check and verify the signature of your on-premises server
Step 1: Click Check
Once the record is published, go to the "Domain Settings" tab and click "Check". This will help the DKIM Signer find your DNS and check the configuration. Once the verification is complete, the results will appear on your screen and you can click "Save Domain" to save your settings.
Step 2: Restart the Exchange Transport service
Return to the "Information" tab and click "Restart".
Step 3: Verify your DKIM internal implementation
Use our free DKIM Checker tool to verify your records and make sure they are functioning properly. This will help you spot errors and fix them immediately.