Question 1

What is DKIM?

Accepted Answer

DKIM (DomainKeys Identified Mail) is an email authentication method that uses cryptographic signatures to verify that an email message was sent by an authorized server and wasn't altered in transit. It adds a digital signature to the email header using a private key, which receiving servers verify using the public key published in your DNS records.

Question 2

How do I check my DKIM record?

Accepted Answer

You can check your DKIM record using our free DKIM Validator tool above. You'll need your domain name and DKIM selector (usually 'default', 'google', or 'k1'). We'll query your DNS at selector._domainkey.yourdomain.com to retrieve and validate your DKIM public key, checking for common issues like missing records, syntax errors, or weak key lengths.

Question 3

What is a DKIM selector?

Accepted Answer

A DKIM selector is a unique identifier that allows you to have multiple DKIM keys for the same domain. It's part of the DNS record name (selector._domainkey.domain.com) and appears in the DKIM-Signature header of signed emails. Common selectors include 'default', 'google', 'k1', or custom names. You can have different selectors for different email services or servers.

Question 4

What key length should I use for DKIM?

Accepted Answer

For DKIM, use at least 1024-bit RSA keys, though 2048-bit keys are recommended for better security. Keys shorter than 1024 bits are considered weak and may be rejected by some email receivers. While 4096-bit keys offer more security, they can cause DNS record size issues and aren't widely necessary. 2048-bit provides the best balance of security and compatibility.

Question 5

Why is my DKIM record failing validation?

Accepted Answer

Common DKIM validation failures include: no DKIM record published in DNS, incorrect selector name, syntax errors in the DNS record, missing required tags (v=DKIM1; k=rsa; p=publickey), key size too small (<1024 bits), or DNS propagation delays after recent changes. Our DKIM Validator identifies the specific issue and provides recommendations to fix it.

DKIM Validator

DKIM Validator

Frequently Asked Questions

Related Tools

DMARC Analyzer

SPF Surveyor

DMARC Subdomain Policy Checker

Help & Resources

About DKIM

Common Tags