Cisco Cisco Email Security Appliance C380 用户指南
17-6
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 17 Email Authentication
Configuring DomainKeys and DKIM Signing
Procedure
Step 1
On the bounce profile associated with the public listener where you will send signed outbound messages,
go to Hard Bounce and Delay Warning Messages.
go to Hard Bounce and Delay Warning Messages.
Step 2
Enable “Use Domain Key Signing for Bounce and Delay Messages”:
Note
You must have completed all steps listed in
to sign bounced and delay messages.
Note
The From: address in the domain profile must match the address used for the bounce return address. To
ensure these addresses match, you can configure a return address for the bounce profile (System
Administration > Return Addresses), and then use the same name in the Profile Users list in the domain
profile. For example, you would configure a return address of MAILER-DAEMON@example.com for
the bounce return address, and add MAILER-DAEMON@example.com as a profile user in the domain
profile.
ensure these addresses match, you can configure a return address for the bounce profile (System
Administration > Return Addresses), and then use the same name in the Profile Users list in the domain
profile. For example, you would configure a return address of MAILER-DAEMON@example.com for
the bounce return address, and add MAILER-DAEMON@example.com as a profile user in the domain
profile.
Configuring DomainKeys/DKIM Signing (GUI)
Procedure
Step 1
Create a new or import an existing private key. For information on creating or importing signing keys,
see
see
.
Step 2
Create a domain profile and associate the key with the domain profile. For information on creating a
domain profile, see
domain profile, see
.
Step 3
Create the DNS text record. For information about creating the DNS text record, see
.
Step 4
If you have not already done so, enable DomainKeys/DKIM signing on a mail flow policy for outbound
mail (see
mail (see
Step 5
Optionally, enable DomainKeys/DKIM signing for bounced and delay messages. For information about
enabling signing for bounce and delay messages, see
enabling signing for bounce and delay messages, see
.
Step 6
Send email. Mail sent from a domain that matches a domain profile will be DomainKeys/DKIM signed.
In addition, bounce or delay messages will be signed if you configured signing for bounce and delay
messages.
In addition, bounce or delay messages will be signed if you configured signing for bounce and delay
messages.
Note
If you create both a DomainKey and DKIM profile (and enable signing on a mail flow policy), AsyncOS
signs outgoing messages with both a DomainKeys and DKIM signature.
signs outgoing messages with both a DomainKeys and DKIM signature.