PhishER notifications contain a line of text called a DKIM signature that proves it is an authentic KnowBe4 or custom email. This guide will show you how to enable DKIM signatures for PhishER from KnowBe4 and how to use an allowed domain as a custom DKIM signature.

Enabling DKIM Signatures in PhishER

To enable your DKIM Signatures in PhishER, follow the steps below:

1. Open the PhishER platform and then navigate to the Settings page.
2. Go to Email Server.
3. Customize the Email Server settings and enable the DKIM Signature toggle. When you enable the toggle, you will see the Signing Domain(s) and the Selector from your KSAT Account Settings page.

4. Click Save.

Using Custom DKIM Signatures

After enabling DKIM signatures, your organization can adjust the signing domain for your organization’s needs.

1. Log in to your KnowBe4 account and navigate to PhishER.
2. Click on the Settings icon and go to Email Server page.
3. Under the Configure DKIM section, click the button labeled Add Custom Signing Domain.

4. Choose the domain you wish to use. To add a domain to this drop-down menu, you will first need to add the domain as an Allowed Domain in your KnowBe4 account. See our How to Add and Verify Allowed Domains article for more information.
5. Click Add and the Configure Custom Signing Domain window will open.
6. Copy the host name and values provided in the pop-up.

8. Navigate to your DNS provider and add a TXT record containing the copied information.

9. Once you’ve created the TXT record in your DNS provider, select the domains that you want to use the new DKIM record.
10. Click Save.

For further assistance with this feature, please contact our support team and they will be happy to help.