Skip to content

Latest commit

 

History

History
47 lines (35 loc) · 1.69 KB

README.md

File metadata and controls

47 lines (35 loc) · 1.69 KB
Raw

DKIM & DMARC usage

DomainKeys Identified Mail (DKIM)

To enable DKIM signing of outgoing e-mail from a custom Office 365 domain:

data "aws_route53_zone" "zone" {
    name = "example.com."
}

module "route53_o365" {
    source = "mccanney/route53-o365/aws"

    domain          = "example.com"
    zone_id         = "${data.aws_route53_zone.zone.zone_id}"
    ms_txt          = "ms12345678"
    enable_exchange = true
    enable_dkim     = true
    tenant_name     = "contoso"
}

enable_dkim enables or disables the creation of the DKIM DNS CNAME records according to Microsoft's Office 365 DKIM guide. The Office 365 tenant_name (i.e. the contoso part of contoso.onmicrosoft.com) must also be set.

Domain-based Message Authentication Reporting and Conformance (DMARC)

To enable a DMARC record for a custom Office 365 domain:

data "aws_route53_zone" "zone" {
    name = "example.com."
}

module "route53_o365" {
    source = "mccanney/route53-o365/aws"

    domain          = "example.com"
    zone_id         = "${data.aws_route53_zone.zone.zone_id}"
    ms_txt          = "ms12345678"
    enable_exchange = true
    enable_dmarc    = true
    dmarc_record    = "v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]"
}

enable_dmarc enables or disables the creation of the DMARC DNS TXT record according to Microsoft's Office 365 DMARC guide. The required dmarc_record must also be provided and be syntactically valid since the module does no checking. See dmarcian.com for help.