DKIM Deployment for individual mail domains


For those that have deployed DKIM via the SEA, I have a question regarding enabling DKIM for only a subset of the domains we currently have sending mail.

We have about two dozen domains that are sending email and I want to test DKIM for a single domain/sub.

After adding the private key to the certificates page under the appropriate domain, do I simply enable the outbound policy to add DKIM signatures?

Will this cause issues with the other domains that have not been prepped for DKIM?

Do I need to add an advanced filter to only apply policy to emails containing the header....from []?

Any advise is appreciated.

Documentation seems to be lacking on this topic.




  • Hi Kyle,

    Under threat protection outbound you would create the rule to stamp dkim (make sure its the last rule b/c if you say append a header it may invalidate it)

    under recipients, use an include rule and only select the domain you wish to test with.  everything else will be excluded..  keep in mind that part of the dkim process you will need to specific they domain.. that needs to match or the email will be signed with an invalid dkim.


    Other than that, it should work fine