Feature Request: Add DKIM/DMARC Configuration #92
Description
Standard; Enable DKIM/DMARC
Script we use;
Would be nice to have an option for this in the portal under domains / standards
# Get list of existing DKIM configs (using Exchange Online PowerShell).
Get-DkimSigningConfig
# Get all SMTP domains actually used in Exchange Online.
$Domains = Get-Mailbox -ResultSize Unlimited | Select-Object EmailAddresses -ExpandProperty EmailAddresses | Where-Object { $_ -like "smtp*"} | ForEach-Object { ($_ -split "@")[1] } | Sort-Object -Unique
$Domains
# Create order text for DKIM and DMARC records.
$TenantName = "DOMAIN.onmicrosoft.com"
$ReportMailbox = "[email protected]"
$Result = "Protection`tDomain`tTyp`tHost name`tValue`tTTL`n"
foreach ($Domain in $Domains) {
$Result += "SPF`t$Domain`tTXT`t@`tv=spf1 include:spf.protection.outlook.com -all`t3600`n"
$Result += "DKIM`t$Domain`tCNAME`tselector1._domainkey`tselector1-$($Domain -replace "\.", "-")._domainkey.$TenantName`t3600`n"
$Result += "DKIM`t$Domain`tCNAME`tselector2._domainkey`tselector2-$($Domain -replace "\.", "-")._domainkey.$TenantName`t3600`n"
$Result += "DMARC`t$Domain`tTXT`t_dmarc`tv=DMARC1; p=none; pct=100; rua=mailto:$ReportMailbox; ruf=mailto:$ReportMailbox; fo=1`t3600`n"
}
$Result | Clip
# Enable new DKIM (using Exchange Online PowerShell).
foreach ($Domain in $Domains) {
Write-Verbose -Verbose -Message "Enabling DKIM for $Domain..."
New-DkimSigningConfig -DomainName $Domain -Enabled $true
}
# Set existing DKIM (using Exchange Online PowerShell).
foreach ($Domain in $Domains) {
Write-Verbose -Verbose -Message "Enabling DKIM for $Domain..."
Set-DkimSigningConfig -Identity $Domain -Enabled $true
}