DKIM (DomainKeys Identified Mail) is an email authentication technique that allows the receiver to check that an email was indeed sent and authorized by the owner of that domain. It works together with DMARC (and SPF).Read more about this topic in our article about DKIM signature
In order to implement DKIM a valid DKIM record must be published. Use the DKIM checker to validate the published DKIM Record for a given domain. We strongly recommend to carefully test any updates the DKIM records before applying them.
Validate DKIM records by using the DKIM record checker
Information and tools
More information about DKIM
More information about DKIM signature
Validate the: DMARC Record
DMARC Analyzer is a pure play DMARC specialist with over 15 years of email deliverability experience. We provide user friendly DMARC Analyzer software and Mimecast DMARC Analyzer acts as a comprehensive guide to move towards a reject policy as fast as possible. Sign up for a free trial.
DKIM allows organizations to authenticate emails, thus protecting email traffic. This technique signs emails with a key, allowing the recipient to verify that the message has not been modified along the way. This type of verification is an important part of DMARC protection.
The DKIM checker verifies the presence and validity of a DKIM record. Enter the domain and selector to check the domain’s DKIM record.
DKIM Selector: The DKIM selector is specified in the header of the DKIM signature and indicates where the public key portion of the DKIM key pair exists in DNS.
Domain to verify: The domain for which the DKIM record is to be checked.
DMARC only works if SPF and DKIM are set up correctly. Mimecast DMARC Analyzer can be used to generate DMARC reports containing detailed information about who is sending email on your behalf.
With DKIM, the sending server signs an email with a key. This includes the body and a number of important headers, such as From, To, the subject, and the date. This “signature” is added as an extra header so that receiving mail servers can verify it.
The public part of the key is published in the DNS zone of the sending domain. By using the public key and the signature in the message, the receiving party can verify that the message arrived as it was sent, without modification.
These keys can be found as TXT records or CNAME records in the form selector._domainkey. Thus, a domain can contain multiple keys. This is useful if there are multiple senders — such as Google Workspace or Microsoft Office 365 — in addition to the regular email with the hosting package.
|All information about Domain Keys Identified Mail (DKIM)|
|read more about DKIM signatures|
|learn how to validate a DKIM record|