Enhanced Email Security with DKIM for Custom Domains

NOTE: The Email Domain Authentication capability is available in Service Console within the Oracle Cloud Console

DKIM or DomainKeys Identified Mail is an email authentication mechanism that ensures the integrity and legitimacy of emails. This helps recipients verify that the emails are legitimately from the domain's authorized mail servers (OFS email infrastructure) and have not been altered in transit.

This new feature enhances email delivery by allowing the registration of customer domains and subdomains within Oracle Field Service. Emails sent on the customer's behalf are signed with a digital signature, which the receiving email server can verify using the published DKIM key. This ensures that the content hasn't been tampered with and enables successful delivery to the intended recipient. Essentially, OFS acts as a trusted intermediary, ensuring a seamless and secure email experience while maintaining the reputation of the customers' domains.

The following capabilities are implemented within this feature:

  • Configure up to five (5) domains or subdomains to comply with DKIM when using them in the 'Reply address' field of a message scenario step configuration.
  • Access and manage DKIM settings, including CNAME Records and Values for each domain or subdomain registered within the platform. 
  • Register domains for all environments in a single action. There is no need to repeat the process for each environment in your subscription.

Business Benefit

  • This feature enables sending verified emails using specific sender domains or subdomains, distinct from the default fs.ocs.oraclecloud.com or etadirect.com.
  • OFS customers can use DKIM to customize email reply addresses with their own domains/subdomains, enhancing brand recognition and personalization in customer communications.
  • Companies can ensure that emails sent on behalf of their domains or subdomains are authenticated, thereby reinforcing brand trust and credibility. This reduces the risk of these emails being incorrectly marked as spam or blocked by recipients' email servers.

Steps to Enable

  1. Open the Service Console and navigate to the 'Email Domain Authentication' tab.

Email Domain Authentication

  1. Click 'Add Domain', specify the domain or subdomain to register and click on 'Register'.

Register Domain

Domain registration will begin; this process can take a few minutes.

Registered Domains - Creating

  1. Once the domain has been registered successfully, you will see the DKIM signing status change from 'Creating' to 'Pending DNS'.

Registered Domains - Pending

  1. Click on 'Show Instructions' to view the configuration requirements for the domain. You will find all the necessary details to implement the DNS configuration.

Configuration Instructions

  1. Apply the provided configuration to your DNS setup for the domain.

NOTE : Remember to double-check that you have access to the DNS configuration of your domain and that you can make the required changes. If you are unsure about any step, consult with your IT team or relevant technical personnel for assistance.

  1. Once the DNS changes have been applied, the OFS system will detect and update the DKIM Signing Status from 'Pending DNS' to 'Active'.

Registered Domains - Active

  1. To utilize the new domain or subdomain, access your OFS environment and navigate to 'Configuration' > 'Message Scenarios'. 
  2. Select an existing message scenario or create a new one. Within the scenario, add or modify the 'reply address' field to use the newly-registered domain. 

Message Step Configuration

Tips And Considerations

  • Each subscription is allowed to register up to five (5) domains or subdomains individually. Registering a domain does not automatically include its subdomains.
  • Registering and configuring a domain applies to the entire subscription, while adding/modifying message scenario steps are unique to each environment.
  • It is not possible to edit the domain once registered. If a change is needed, the current domain must be deleted and a new one added.
  • If the domain is deleted and then re-registered, DNS changes will be needed since the CNAME record and its value will be generated with new settings.
  • Double-check that you or your technical point of contact has the appropriate permissions to access and modify the DNS settings for your domain to complete the registration.