Microsoft has implemented DKIM, DMARC and SPF in Exchange Online, the only thing you have to do is enable it. The only thing for DKIM you have to do is create two CNAME records in DNS and enable DKIM in the Exchange Admin Center.
DKIM CNAME records
The CNAME records you have to create for DKIM look like this:
Selector1 and selector 2 are the 2 selector tags (in Office 365 these will always be selector1 and selector2), the _domainkey is a default tag that will be added. Of course you have to replace the contoso.com with your own domain.
The CNAME records have to point to the following locations:
the ‘contoso-com’ (also referred to as DomainGUID) is the same as your MX record so you can copy-and-paste it from there. The ‘contoso.onmicrosoft.com’ is your Office 365 tenant name.
So, for my exchangelabs.nl environment (tenant name is exchangelabsnl.onmicrosoft.com) this will be
Selector1._domainkey.exchangelabs.nl CNAME selector1-exchangelabs-nl._domainkey.exchangelabsnl.onmicrosoft.com
Selector2._domainkey.exchangelabs.nl CNAME selector2-exchangelabs-nl._domainkey.exchangelabsnl.onmicrosoft.com
You can use the MXTOOLBOX site to check your DKIM selector records:
The second step is to enable DKIM in the Exchange Admin Center. In the Exchange Admin Center select Protection and select the dkim tab. Select the domain you want to enable DKIM for and in the action pane click on Enable:
All information is stored in Office 365 so there’s no need to create a keypair and store the public key in DNS, everything is handled by Microsoft. Sweet
For more information you can check the Use DKIM to validate outbound email sent from your custom domain in Office 365 article on Microsoft Technet