Although many organizations are migrating to the cloud via Microsoft 365 or Exchange Online, we still see many operating their own on-premises Microsoft Exchange Server.
Over the past few years we’ve seen an increase in implementations of DMARC and DKIM in various platforms. Unfortunately, there is no out-of-the-box support for DKIM and DMARC in Microsoft Exchange, but there are third-party solutions available.
There are two types of choices available:
- Deploying a solution in front of Microsoft Exchange via a virtual appliance that is taking the responsibility of the email filtering/authentication.
- Implementing plugins directly on the Microsoft Exchange Server that introduce the missing functionality.
Plugins for Microsoft Exchange Server
Note: dmarcian is not affiliated with these solutions, so please choose accordingly.
Based on previous experiences we’ve encountered, the following plugins introduce DKIM and/or DMARC to an on-premises Microsoft Exchange Server.
- AdminSystem Software – DKIM for Exchange Server and IIS SMTP Service (paid)
Add DomainKeys/DKIM signature to outgoing emails in Exchange Server or IIS SMTP service. - Netal – DkimX (paid)
An add-on for MS Exchange Server 2013/2016/2019 which supports DKIM-signing of outgoing messages and verification of incoming messages by using the following message authentication mechanisms: SPF, DKIM, DMARC. - Exchange DKIM Signer (GNU Lesser General Public License)
DKIM Signing Agent for Microsoft Exchange Server
Whether you choose the route of a plugin or virtual appliance, we hope this provides some clarity on implementing DKIM and DMARC on an on-premises Microsoft Exchange Server. Here are other resources to assist with your DMARC and DKIM records:
We’re here to help if you need assistance with your SPF, DKIM or DMARC initiatives. You can contact us via our contact page, and if you haven’t registered for our free, 14-day trial, you can get started here.