I came across a problem recenly.
- Cpanel only generates 2048 bit DKIM keys
- I do not want to host my DNS with cpanel
- My current DNS provider only allows a 255 character txt record
Originally i found a possible solution about dns record spliting.
However upon further reading I realised this does not work with the 255 character txt record limits. All this means is that a long text record can parse information as one item if it is split “value-1” “value-2”
Then I found a youtube video with a out of the box solution that worked!
Summary of solution
- Register for a free domain with cloudns.net and add the 2048 DKIM long txt record there.
- On your current dns provider add a CNAME record (EG: default._domainkey) pointing to the free DNS record on cloudns.net
Things to note
It is important to note that cloudns.net may revoke their free DNS offer in the future which will make that record invalid. This means that your emails may not pass DKIM and may be marked as spam.
There are other free DNS options that you could use to do something similar.
How do you setup DKIM with Microsoft 365?
Setting up DKIM with Microsoft 365 is more complex than other providers. Their guide is not easy to understand. However I did find this guide.
You can log into admin.microsoft.com to complete the steps.
I would like to add the following from my experience.
- If DKIM option is not available, it might be that it is a new outlook 365 service and it hasn’t been setup. Try again a few days later.
- Microsoft 365 won’t let you copy and paste the CNAME records, it is very frustrating. Do not try to type it out, because there is a chance you will make a mistake. Instead if you are using Chrome browser, try to inspect the element and search for the term. Then copy and paste in notepad.
- The CNAME record is “selector1._domainkey” The value is item displayed on the microsoft 365 page
Can you use multiple DKIM records?
Yes. Let say you use Microsoft 365, which uses their own DKIM, your website that uses Cpanel, and maybe a newsletter provider. Their servers may request their own DKIM records to be used.
Can you use SPF and DKIM together?
Yes. As is proven in Gmail when you view “show original”