Email In Inbox

DKIM Setup Guide

DKIM (DomainKeys Identified Mail) cryptographically signs your emails so inbox providers can verify they really came from you. Select your email provider below for step-by-step instructions.

Why DKIM Matters

  • Proves your emails haven't been tampered with in transit
  • Required for DMARC to work properly
  • Boosts deliverability — Gmail, Outlook and Yahoo all check DKIM
  • Unlike SPF/DMARC, DKIM keys are generated by your email provider — you can't create them manually

Setup Instructions by Provider

Click your email service provider to see the exact steps.

  1. 1Go to Google Admin Console (admin.google.com)
  2. 2Navigate to Apps → Google Workspace → Gmail → Authenticate email
  3. 3Click 'Generate new record' next to your domain
  4. 4Copy the DKIM public key provided
  5. 5Add a TXT record in your DNS with the name shown (usually: google._domainkey.yourdomain.com) and the key as the value
  6. 6Return to Gmail settings and click 'Start authentication'
Official documentation →

DKIM Record Lookup

Verify your DKIM record is live in DNS. Enter your domain and the selector your ESP uses.

Will check: google._domainkey.yourdomain.com

Common selectors:

What a DKIM DNS Record Looks Like

Type
TXT
Always a TXT record
Name / Host
selector._domainkey
Replace 'selector' with the one your ESP provides (e.g. google, s1, selector1)
Value
v=DKIM1; k=rsa; p=MIGfMA0G...
The full public key string provided by your ESP
TTL
3600
1 hour is standard; lower for faster propagation during setup