University email, SPF, DKIM and DMARC


Due to the security and protection measures being used within the University there is now a need for email systems to have additional settings beyond the typical ones that were used.

These are SPF (Sender Policy framework), DKIM (Domain Key Identified mail) and DMARC (Domain based message authentication, reporting and conformance).

 

(These are systems that are hosted within the University or within the Universities Azure Instance)

 

Sub-domain - The system should be setup to send email from a sub-domain of leeds.ac.uk (xxxx@xxxx.leeds.ac.uk) as the primary domain has measure in place to protect it.

SPF - The sending servers of the hosted solution should all be listed in the DNS record for the sub-domain

DKIM - The public key should be listed in the DNS sub-domain for the sender to allow for validation of signed emails

DMARC - The sub-domain should be configured with a minimum of a quarantine policy to ensure that all non-authorised email is held by the recipient servers.

 

For further information please contact IT Service Desk.

Due to the configuration of the University systems and the updates taking place, if these controls aren't in-place for any services sending email on behalf of the University then delivery could be affected and the email could be flagged as SPAM until these are resolved.

If you are experiencing any impact due to these measures please contact the IT Service Desk.