DKIM Setup

DomainKeys Identified Mail - Cryptographic email authentication

DKIM Configuration Issues Detected

DKIM selector found but signature validation failed. Your emails may not be properly authenticated.

What is DKIM?
DKIM adds a digital signature to your emails, allowing recipients to verify that the email was actually sent by your domain and hasn't been tampered with in transit.
Why is it important?
DKIM provides cryptographic proof that emails are legitimate, significantly improving email deliverability and protecting your domain reputation from spoofing.
Impact
Without proper DKIM, your emails are more likely to be marked as spam, and recipients cannot verify the authenticity of messages from your domain.

Current Configuration

How to Fix DKIM

  1. Generate a DKIM key pair (public and private keys). Most email providers do this automatically, or you can use online DKIM generators.
  2. Add the public key to your DNS as a TXT record. The format should be:
    default._domainkey.example.com TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA..."
  3. Configure your email server or provider to sign outgoing emails with the private key.
  4. Set the DKIM selector name (commonly "default", "google", "selector1", etc.) in your email settings.
  5. Test your DKIM configuration by sending a test email to a DKIM validator service.
  6. Return to this page and run the check again to verify proper configuration.

DKIM Record Examples

Common DKIM configurations for popular email providers:

Google Workspace:

Selector: google._domainkey

google._domainkey.example.com TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..."
Microsoft 365:

Selectors: selector1._domainkey and selector2._domainkey

selector1._domainkey.example.com TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN..."
SendGrid:

Selectors: s1._domainkey and s2._domainkey

s1._domainkey.example.com TXT "k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNAD..."

DKIM Best Practices