Domain Keys Identified Mail (DKIM) is fully supported by Kolab Now, and all outbound email messages are signed. This means that recipients can verify that the message was sent using Kolab Now infrastructure.
Kolab Now supports DKIM signing.
DKIM is a mechanism that allows a receiving party of emails to determine whether an email has indeed been sent by the party that is claimed to be the sender, thus protecting against forged sender email addresses.
Kolab Now implemented DKIM signatures so that the tag (d=<domain>) will use your sender domain for alignment. This means, that for a user ‘doe@kolab.org’ the signature would look something like this:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kolab.org; h=
content-type:content-type:content-transfer-encoding:message-id
:subject:subject:from:from:date:date:mime-version:received
:received:received; s=dkim20240523; t=1734354313; x=1736168714;
bh=mBUfOmuiUe6nDmAiAsHAHqpD0F+Gd9nJUF5Z5spFd8I=; b=bVuQog18XlAx
+YG8FhYOSvrHhdAyr2PUb/24fINK1zlqDGQS56ULJp87ogvG0NBK7G4dNG94Nhnc
GIOtTwZX5+NDpOFcQ6hldkxU7thO1734fWHA6kL8CXKWZ35IWnyyf7/DAp1rPIhe
wUM9td8SwP+/SOibhOOLPKf4Zz9I3qygVvnzMBMFXb0bTQbpV45ASLk0RsG8Q+jP
RBFlRboeqE5mCEgrg3q0i3ip2bGkhqAGzUTmqi0ckTvXltm+nCFpVSKlRy+lgrXY
PQyaK97xt3pUHX9sdcJFHyIDldU/cSWCcTsrQobk5J0UPj8Dlh2RIma/06K9EEcl
Bx27XRIK4Q==..and so ensuring that all outgoing emails from this sender are domain aligned. However, this will require that the DKIM key is available on your domain in DNS. Therefore we recommend that group managers (the owners of private domains) set the following CNAMEs (both of them) in the DNS of their private domain:
dkim1._domainkey CNAME dkim1._domainkey.kolabnow.com.dkim2._domainkey CNAME dkim2._domainkey.kolabnow.com.
This will delegate the actual DKIM public key to be managed by the kolabnow.com domain, who in turn will align the key with the sending domain as mentioned above.
For more information about Private domain configurations, please check out this kb article about DNS for group managers