Configuration
After installing the agent, you can use the Configuration.DkimSigner.exe within C:\Program Files\Exchange DkimSigner to configure the agent and all the settings. If the GUI doesn't work, you can also configure it manually (see Manual Configuration).
Please Note:
If you have configured your server to only send in the TNEF message format, your mails will not be signed.
To disable it, use the following powershell command (see also #170).
Set-RemoteDomain -Identity * -TNEFEnabled $false
Open C:\Program Files\Exchange DkimSigner\settigs.xml and configure the DKIM agent.
Here's an example file:
<?xml version="1.0" encoding="utf-8"?>
<Settings xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Loglevel>3</Loglevel>
<SigningAlgorithm>RsaSha1</SigningAlgorithm>
<HeaderCanonicalization>Relaxed</HeaderCanonicalization>
<BodyCanonicalization>Relaxed</BodyCanonicalization>
<HeadersToSign>
<string>From</string>
<string>Subject</string>
<string>To</string>
<string>Date</string>
<string>Message-ID</string>
</HeadersToSign>
<Domains>
<DomainElement>
<Domain>example.com</Domain>
<Selector>ex201302</Selector>
<!-- if relative path, then it's relative to C:\Program Files\Exchange DkimSigner\keys -->
<PrivateKeyFile>example.com\ex201302.private</PrivateKeyFile>
</DomainElement>
<DomainElement>
<Domain>example.org</Domain>
<Selector>ex201302</Selector>
<!-- if relative path, then it's relative to C:\Program Files\Exchange DkimSigner\keys -->
<PrivateKeyFile>example.org\ex201302.private</PrivateKeyFile>
</DomainElement>
</Domains>
</Settings>You can add as many domain items as you need. For each domain item, the domain, the selector and the path to the private key file is needed.
This path may be relative or absolute.
Possible values for HeaderCanonicalization and BodyCanonicalization are Simple (recommended) and Relaxed.