DKIM and DMARC support

The idea got auto-shipped because it was connected to the DKIM/SPF. I'm changing the status of this idea to "planning to implement" as DMARC is still to be done.

This is marked as shipped, but I can't find any info about the support of DMARC in Domino 12.0.2. What about that?

What about DKIM, DMARC, and SPF support on older versions (10 or 11)

It's nice to have DKIM support since 12.0.1 on Windows and Linux. But what about IBM i (AS400 /iSeries)? I raised a support case with HCL but the response was "Unfortunately, iSeries does not have the library required to support DKIM as such DKIM is not supported on iseries. We don't have any confirmation that DKIM will be supported on later version releases as of yet."

Any updates on when DMARC might be available. Our cybersecurity insurance is saying we need to be using it.

Absolutely yes, next up is DKIM inbound, SPF and DMARC. Thats why I'll keep this idea open until it is delivered.

Hello Thomas,

thank you for your hard work on this.

I am happy it is on the way.

But Outbound is not enough. When I have "another decent layer" then this layer can also do DKIM signing outbound and I do not need Domino to do it.

I have several customers, very small shops, that do not have the resources for an additional SPAM-gateway. When they ask me: can I bring Domino directly into the internet as the Mail-Exchanger, I have to tell them: "No: you can do SPAM and Virus-checking on Domino (TrendMicro, GBS, etc), but no security-checks that are on the SMTP- or TCP-layer"

For those customers DKIM, TLSRPT, MTA-STS outbound and DKIM, SPF, DMARC inbound would be a major win.

I'm glad to read you're happy with the DKIM inbound functionality.

outbound DKIM signing was indeed absolutely necessary, thanks for that.

Inbound SPF, DKIM and DMARC verification, on the other hand, is not so usefull if you're not having other decent layers of anti-spam checking. These authentication checks + DNS blocklists just aren't enough to fight spam/phishing today.

So I'll leave inbound DKIM, DMARC, SPF as is, because that's part of an more complete anti-spam system (unless you're planning to do that too, like Lotus Protector existed once...).

Greetings y'all!

DKIM support is now available in Domino 12.0.1 - support for DMARC and SPF are next.

DKIM is a 'must-have' if you deliver mails. I expect DKIM status for every incoming mail in the viewer (Notes) - like DKIM plugin in Thunderbird. I'm lucky to have an additional mail server between Domino and Internet generating DKIM. Its ashaming to see that Domino come to a halt with 20 years old mail technology

Implementation of DKIM and DMARC is absolutely necessary and should be quickly done or many will leave Domino as a mail server. Delivery of clean messages to gmail has recently become a nightmare.

DKIM and DMARC should be implemented in Domino. Many are waiting for these features. HCL should look into that. We are in 2021!

On the comment, "I seriously doubt Domino is getting any new customers, and really only has legacy customers left." -->
Our company has done new Notes/Domino customers. All were "small" shops around 200 users or less.


I've already voted for this too, and will be happy to see it natively supported.

The people at maysoft.com are actually working on this. The SPF part is complete to stop people spoofing your own domain, so it's a great start. You can contact their support address. It works 8.5 - 11. They also have good native antispam. Not sure if it's posted on their website yet.

It's so necesary that funcionality

DKIM, DMARC, SPF support is not an idea, but something the system must be able to do to be considered at all.

Someone should just build it if HCL isn't going to.

DKIM and DMARC support for Domino is a must!!!