Skip to main content

DMARC Policy - Create a DKIM Key in Salesforce

  • Updated

What is DMARC?

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor protection of the domain from fraudulent email.

 

How does DMARC work, briefly, and in non-technical terms?

A DMARC policy allows a sender to indicate that their messages are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes – such as junk or reject the message. DMARC removes guesswork from the receiver’s handling of these failed messages, limiting or eliminating the user’s exposure to potentially fraudulent & harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.

 

How Can I create a DKIM Key in my Salesforce Instance?

Reference this Salesforce Help Article: https://help.salesforce.com/articleView?id=emailadmin_create_secure_dkim.htm&type=5

  1. From Setup, enter DKIM Keys in the Quick Find box, and then select DKIM Keys.
  2. Click Create New Key.
  3. Select the RSA key size. Consider email recipient limitations and industry-specific security regulations when choosing the key size.
  4. For Selector, enter a unique name.
  5. For Alternate Selector, enter a unique name. The alternate selector allows Salesforce to auto-rotate your keys.
  6. Enter your domain name.
  7. Select the type of domain match you want to use.
  8. Click Save. Salesforce publishes your TXT records to DNS. Your CNAME and alternate CNAME records appear on the DKIM Key Details page when the DNS publication is complete. It can take time for DNS publication to finish.
  9. Publish the CNAME and alternate CNAME records to your domain’s DNS.
  10. Select Activate on the DKIM Key Details page.

For more information about DMARC and FAQs visit: https://dmarc.org/wiki/FAQ#How_does_DMARC_work.2C_briefly.2C_and_in_non-technical_terms.3F 

Was this article helpful?
1 out of 2 found this helpful
Return to top

Related articles