While you are adding domains on Microsoft Exchange Online, you might come across the following error message: “ No DKIM keys saved for this domain ” while finding no option to enable DKIM keys for the domains.

This is a common hindrance faced by Microsoft Exchange Online users. However, this can be easily resolved using Windows Powershell.

What is DKIM?

DKIM is a DomainKeys Identified Mail, which is a method by which an organization can assert responsibility for a message in a way that can be validated by the recipient. The digital signature works similarly to the process used to verify the digital signatures in signed email or on web forms, with the exception that the digital signature is added to every message sent by the DKIM-enabled mail system, instead of just one message.

It poses several benefits, including a reduction in identity spoofing e.g., spam and phishing. This allows the receiver to be able to confirm that the message is genuine. When a message that is sent by, or on behalf of, your organization has been authenticated, that message provides assurance to the recipient that the content was not altered in transit.

Steps to enable DKIM using Windows Powershell on Microsoft 356 Exchange Online

  • On your Windows Powershell application, select “Run as administrator”

  • On the Windows Powershell command prompt window, you need to run the following four commands:

1. $UserCredential = Get-Credential

A dialog box will appear demanding your user name and password. Make sure that you sign in to Powershell with your Office 365 credentials, as an administrator.

2. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

3. Import-PSSession $Session -DisableNameChecking

4. New-DkimSigningConfig -DomainName “” -Enabled $true

[Note: Please remember to replace “” with your own domain name since this is just an example domain for the sake of this article.]

Fixing the “No DKIM keys saved for this domain” error

  • Now if you log back into your Exchange Online Admin Portal, you should be able to view the option to enable DKIM for your domain

5. Finally, after you have enabled your DKIM keys, you need to run the last command: Remove-PSSession $Session to end your Powershell session

Why do you need to enable DKIM for your Office 365 domains?

DKIM uses public-key cryptography to bind a piece of text to an authorized sender by adding a signature to email headers and other message components. The signature is verified using a private key when the message is received, and the sender is then held accountable for their published email identity on the Internet. It is an essential protocol to ensure the safe and unaltered delivery of your messages. Microsoft recommends that you enable DKIM for enhanced email security for your domains registered on their portal.

Hope this article helped you resolve the “No DKIM keys enabled for this domain” prompt on Microsoft 365 Exchange Online. If you want to learn more about how to configure DKIM on Office 365, you can go through our office 365 DKIM guide.

To stop spoofing attacks on your domain, get daily reports on office 365 DKIM authentication results by configuring our DMARC report analyzer today!