Cisco Cisco Email Security Appliance C190 Guía Del Usuario
21-6
Cisco AsyncOS 9.5 for Email User Guide
Chapter 21 Email Authentication
Configuring DomainKeys and DKIM Signing
Exporting and Importing Domain Profiles
You can export your existing domain profiles to a text file on the appliance. When you export the domain
profiles, all of the profiles existing on the appliance are put into a single text file. See
profiles, all of the profiles existing on the appliance are put into a single text file. See
You can import domain profiles that you have previously exported. Importing domain profiles causes all
of the current domain profiles on the machine to be replaced. See
of the current domain profiles on the machine to be replaced. See
Enabling Signing for Outgoing Mail
DomainKeys and DKIM signing is enabled on mail flow policies for outbound mail. For more
information, see the “Configuring the Gateway to Receive Mail” chapter.
information, see the “Configuring the Gateway to Receive Mail” chapter.
Procedure
Step 1
On the Mail Flow Policies page (from the Mail Policies menu), click on the RELAYED mail flow policy
(outgoing).
(outgoing).
Step 2
From the Security Features section, enable DomainKeys/DKIM Signing by selecting On.
Step 3
Submit and commit your changes.
Enabling Signing for Bounce and Delay Messages
In addition to signing outbound messages, you may want to sign bounce and delay messages. You may
want to do this to alert recipients that the bounce and delay messages they receive from your company
are legitimate. To enable DomainKeys and DKIM signing for bounce and delay messages, you enable
DomainKeys/DKIM signing for the bounce profile associated with the public listener.
want to do this to alert recipients that the bounce and delay messages they receive from your company
are legitimate. To enable DomainKeys and DKIM signing for bounce and delay messages, you enable
DomainKeys/DKIM signing for the bounce profile associated with the public listener.
Procedure
Step 1
On the bounce profile associated with the public listener where you will send signed outbound messages,
go to Hard Bounce and Delay Warning Messages.
go to Hard Bounce and Delay Warning Messages.
Step 2
Enable “Use Domain Key Signing for Bounce and Delay Messages”:
Note
to sign bounced and delay messages.
Note
The From: address in the domain profile must match the address used for the bounce return address. To
ensure these addresses match, you can configure a return address for the bounce profile (System
Administration > Return Addresses), and then use the same name in the Profile Users list in the domain
ensure these addresses match, you can configure a return address for the bounce profile (System
Administration > Return Addresses), and then use the same name in the Profile Users list in the domain