Cloudflare dns CNAME for microsoft office365 DKIM enable

#1

I am trying to set the DNS CNAME record so that I can enable DKIM in office365 and keep getting message in office 365 admin when I try to enable that the CNAME record does not exist

In cloudflare, I added 2 CNAME records

NAME: selector1 VALUE: selector1-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com
NAME: selector2 VALUE: selector2-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com

also tried:
NAME: selector1._domainkey VALUE: selector1-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com
NAME: selector2._domainkey VALUE: selector2-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com

Instructions in office365 admin say to publish the following two CNAME records first. selector1-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com selector2._domainkey-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com

0 Likes

#2

Is that CNAME entry set to :grey:?

Have you tried a host lookup for that CNAME to see if it exists?

1 Like

#3

the working solution is to add both CNAME with following values. Cloudflare must know something about these CNAMES because the grey/orange cloud goes away once added. Unlike other CNAMES I have, these entries do not have option to set/unset grey/orange cloud for “DNS and HTTP proxy (CDN)”.

So I set these… waited 30 minutes and then clicked “Enable” in the office365 admin to enable DKIM.
CNAME: selector1._domainkey VALUE: selector1-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com
CNAME: selector2._domainkey VALUE: selector2-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com

Instructions in office365 admin say to publish the following two CNAME records first. selector1-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com selector2._domainkey-MYDOMAIN-com._domainkey.netorgXXXXX.onmicrosoft.com

1 Like