Posts by alanjmcf

Can all folks running Office 365 and have admin privileges check that DKIM is enabled for all their domains. Check each domain in https://security.microsoft.com/dkimv2 is Enabled. If not copy the two DNS records it displays into your DNS, wait a wee while, and click Enable again. See https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide#configure-dkim-signing-of-outbound-messages-in-microsoft-365

If you’re in Google Workspace (or whatever they call it now), see https://support.google.com/a/answer/180504?hl=en

The problem here is mail admins who are living in the past and aren’t keeping up to date with email standards, in particular DKIM. We’ve been setting it up for our customers for years, but when we bring new customers on board we find their previous MSP has done nada! Google and Yahoo have started enforcing it on emails they receive, in particular for domains sending more than 5000 emails per 24 hours. https://www.valimail.com/blog/navigating-the-new-gmail-sender-landscape/

There have been multiple Message Centre posts in Office 365 warning of this. It might end up that Microsoft need to start popping-up warnings in Outlook, or even blocking sending if folks don’t get their fingers out and configure DKIM. I suspect they will also make another sending pool for all domains without DKIM enabled properly, so that their bad reputation doesn’t affect the rest.

Finally If you’re on your web hosts’s email say, DKIM might well not be supported. That’s the case for LiveMail at FastHosts for instance. https://help.fasthosts.co.uk/app/answers/detail/a_id/3700/~/what-is-dkim-and-can-i-use-it%3F

“[…] Microsoft has an updated Azure AD sign-in report – provided that you have a premium version of Azure AD.”

But as the blog says: “we’re rolling out a change very soon to make it available to all customers, providing them with a 7-day rolling report of client login activity.”