ByteHaven
Explorer III
March 20, 2025
Solved

DKIM key for multiple Fortimail

  • March 20, 2025
  • 1 reply
  • 871 views

Hello everyone,

When generating a DKIM key for multiple FortiMail appliances across different sites, should a unique key be generated for each FortiMail, or can a single key be used for all of them? If it's the second case, how would the other FortiMail appliances obtain the private key? If it's the first case, do I have to upload all public keys to the DNS?

Thanks in advance

Best regards,

Best answer by AEK

Hello CL1,

Both are possible.

When you want a unique DKIM, you generate a private and public address and you import the private key on each FML, and you install a single public key on your DNS. You can use an external DKIM key generator to obtain the private and public keys. However, if you generate it with one FML, then you can't obtain the private key via the GUI, but I'm pretty sure you can get it from the CLI. I don't remember the sub-command, but you should be able to find it with "show full" or just with a backup.

You can also generate DKIM on each FML separately, but here you must give a unique name to each selector. Then you upload every public key to the public DNS, each under its unique name, and all will work fine.

Both are easy to implement, but I think the second one is more secure.
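The two options in the answer above, worked through as an added example (this is not FortiMail code or Fortinet documentation; site names, selectors, the domain `example.com` and the message snippet are constructed). Each `Site` stands for one FML appliance. `BuildZone` publishes one `<selector>._domainkey.<domain>` TXT record per selector, so two appliances that share one key and one selector produce a single record (option 1), two appliances with their own keys and distinct selectors produce two records (option 2), and two different keys under the same selector are rejected, which is the clash the answer warns about. `Verify` mimics a receiving MTA: it resolves the selector from the zone and checks an rsa-sha256 signature, so a message signed by one appliance only validates against that appliance's selector.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// Site models one FortiMail appliance that signs outbound mail for the domain.
type Site struct {
	Name     string
	Selector string
	Key      *rsa.PrivateKey
}

// NewSite generates a fresh RSA key pair for one appliance (option 2: a key per FML).
func NewSite(name, selector string, bits int) (*Site, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, err
	}
	return &Site{Name: name, Selector: selector, Key: key}, nil
}

// DNSRecord builds the TXT record the public key is published under:
// name "<selector>._domainkey.<domain>", value "v=DKIM1; k=rsa; p=<base64 SubjectPublicKeyInfo>".
func DNSRecord(domain, selector string, pub *rsa.PublicKey) (string, string, error) {
	der, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		return "", "", err
	}
	name := selector + "._domainkey." + domain
	return name, "v=DKIM1; k=rsa; p=" + base64.StdEncoding.EncodeToString(der), nil
}

// BuildZone publishes one record per distinct selector and refuses to publish
// two different keys under the same selector name.
func BuildZone(domain string, sites []*Site) (map[string]string, error) {
	zone := make(map[string]string)
	for _, s := range sites {
		name, value, err := DNSRecord(domain, s.Selector, &s.Key.PublicKey)
		if err != nil {
			return nil, err
		}
		if existing, ok := zone[name]; ok && existing != value {
			return nil, fmt.Errorf("selector %q already published with a different key (site %s)", s.Selector, s.Name)
		}
		zone[name] = value
	}
	return zone, nil
}

// ParseRecord extracts the RSA public key from the p= tag of a DKIM TXT value.
func ParseRecord(value string) (*rsa.PublicKey, error) {
	for _, tag := range strings.Split(value, ";") {
		tag = strings.TrimSpace(tag)
		if !strings.HasPrefix(tag, "p=") {
			continue
		}
		der, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(tag, "p="))
		if err != nil {
			return nil, err
		}
		pub, err := x509.ParsePKIXPublicKey(der)
		if err != nil {
			return nil, err
		}
		if rsaPub, ok := pub.(*rsa.PublicKey); ok {
			return rsaPub, nil
		}
		return nil, errors.New("DKIM record does not carry an RSA key")
	}
	return nil, errors.New("DKIM record has no p= tag")
}

// Sign produces the rsa-sha256 signature an appliance would place in the b= tag.
// Real DKIM signs canonicalised headers plus a body hash; a toy byte string is used here.
func Sign(s *Site, data []byte) ([]byte, error) {
	digest := sha256.Sum256(data)
	return rsa.SignPKCS1v15(rand.Reader, s.Key, crypto.SHA256, digest[:])
}

// Verify does what a receiving MTA does: resolve d=/s= in DNS, then check the signature.
func Verify(zone map[string]string, domain, selector string, data, sig []byte) error {
	value, ok := zone[selector+"._domainkey."+domain]
	if !ok {
		return fmt.Errorf("no DKIM record for selector %q", selector)
	}
	pub, err := ParseRecord(value)
	if err != nil {
		return err
	}
	digest := sha256.Sum256(data)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() {
	const domain = "example.com" // constructed domain
	paris, _ := NewSite("FML-Paris", "fml-paris", 2048)
	berlin, _ := NewSite("FML-Berlin", "fml-berlin", 2048)
	zone, err := BuildZone(domain, []*Site{paris, berlin})
	if err != nil {
		panic(err)
	}
	for name, value := range zone {
		fmt.Printf("%s TXT %.40s...\n", name, value)
	}
	msg := []byte("From: it@example.com\r\nSubject: test\r\n") // constructed header snippet
	sig, _ := Sign(paris, msg)
	fmt.Println("paris sig vs fml-paris: ", Verify(zone, domain, "fml-paris", msg, sig))
	fmt.Println("paris sig vs fml-berlin:", Verify(zone, domain, "fml-berlin", msg, sig))
}
```

The `p=` value is the base64 of the DER SubjectPublicKeyInfo, the same form `openssl rsa -pubout -outform DER` produces; when you export a public key from an FML and paste it into DNS, that is the part that has to match the selector named in the appliance's DKIM settings.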


ByteHaven (Author)
Explorer III
March 20, 2025

Hello AEK,

Thank you once again for your help.

I'll look for the command to get the private key in Fortinet's docs and follow your advice to choose the second option (generate a key for each FortiMail).

Kind regards,