Ensure that DKIM is enabled for all Exchange Online Domains
Why This Matters
Without DKIM enabled, your organization's outbound email lacks cryptographic verification, making it easier for attackers to spoof your domain. When receiving mail servers cannot verify email authenticity, your legitimate messages are more likely to be marked as spam or phishing, and your domain's reputation suffers. Enabling DKIM alongside SPF and DMARC creates a strong defense against domain spoofing and email impersonation attacks.
What Aether365 Checks
This check verifies that DKIM signing is enabled for all custom domains configured in your Exchange Online environment. It appears in your Aether365 dashboard under Microsoft 365 security checks, with a Medium severity rating.