Guys i have some questions regarding DKIM and DMARC configurations. I tried finding the answers but it is not clear.
1) Does it involve DNS server configuration only or there is additional configuration that must be performed on the mail relay side?
2) Where do i obtain the DMARC and DKIM keys from ? Do i get them from my domain registrar or i generate them my self?
Any help appreciated
Does it involve DNS server configuration only or there is additional configuration that must be performed on the mail relay side?
You need additional DNS records, and there is further configuration on the mail server required, for example to in fact sign outgoing mails via DKIM.
Where do i obtain the DMARC and DKIM keys from ? Do i get them from my domain registrar or i generate them my self?
You generate them yourself. Actually, all keys you're using for signing should be generated and accessible only to you or the server operator(s), else it defeats the idea of signing: Keep private keys private.
These terms are actually confusing to many. As per my knowledge you need SPF and DKIM configured properly before configuring the DMARC. Because it requires both the SPF and DKIM to work.
For your first question you need to add some records to DNS.
DKIM is the one which work with keys. So in the Linux mail server you can install open-dkim and generate private public keys. There are some configurations depending on your mail server. you have to add public keys as a dns record on your domain.
After these DKIM and SPF configuration you can setup DMARC. Its also kind of adding domain record. The hardest part of above configuration is setting up DKIM.
