After reading this article, you’ll be able to set up DKIM record in your domain settings for better email deliverability.
A DKIM record in your domain settings adds a digital signature to emails you send from your domain.
It’s a common method of email authentication used by mailbox providers and spam filters to verify that your emails are genuinely sent from your account.
Reasons to set up DKIM:
Signs your outgoing emails with encrypted keys for email security and authentication.
Protects your domain from spoofing and lets recipients verify that you are really the sender.
Improves your domain health and email deliverability score.
DKIM record explained
DKIM settings consist of a pair of keys generated by your email service provider: a private key and a public key.
Your email server uses the private key to sign outgoing emails, while the receiving server checks the public key in the DKIM record in your domain settings to verify the authenticity of the email.
The DKIM record is a part of the DNS settings for your domain and holds the public DKIM key.
When you set up DKIM for your domain, your email provider typically generates the necessary DKIM settings for you.
These settings include: DKIM name, and the DKIM value (public key) that is used for email authentication.
Here is an example of a DKIM record:
Type: TXT
Value: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA
In this example:
- Name: This is the selector and domain information. For Google Workspace, the selector is usually “google” and “_domainkey” is added to it. example.com is your domain.
- Type: This specifies the type of DNS record, which is TXT in this case.
- Value: This is the actual DKIM record content. It includes information like the DKIM version (v=DKIM1), the key type (k=rsa), and the public key (p=…).
How to check DKIM record
To confirm that your DKIM record is correctly configured and functioning, you can run a quick test within your email account settings.
It’s best to do this after waiting for about 48 hours to ensure the changes have fully propagated in your domain settings.
To check your DKIM record:
Go to your email accounts list.
Find the email account linked to your domain and click Edit.
Scroll down to the Optional settings section and select the Domain health tab.
Click Check health.
Once the check is finished, you’ll see the status of your DKIM record, along with other domain records.
Valid status means it’s set up properly. If there’s an issue found, click on the record to see a detailed description.
How to set up DKIM for your domain
The process of setting up DKIM records is similar for most email and domain providers.
Step 1: Generate DKIM keys
To set up DKIM record, the first step is to generate DKIM keys at your email provider admin settings. Let’s take Google Workspace as an example.
Log into your Google Admin account.
In the Admin console, go to Menu –> Apps, select Google Workspace –> Gmail.
On the Gmail page, create DKIM settings.
Click Authenticate Email tab –> Select DKIM authentication.
Click Generate DKIM keys.
It’s important to correctly copy and paste the entire DKIM value as provided by your email service provider.
Step 2: Create a new record in domain settings
After the DKIM generation is complete, go to your domain settings (where you manage DNS records).
To access domain settings, log in to your domain hosting account (this might be GoDaddy, Squarespace, Namecheap, Google Domains, etc.)
Find the section where you add DNS records.
Create a new record and select TXT type.
If your domain provider is Namecheap:
- Log in to your Namecheap account.
- Open Domain list menu and choose your domain.
- Click on the Manage button next to your domain.
- Go to the Advanced DNS tab from the top menu.
- Click Add new record –> choose TXT record.
If your domain provider is Cloudflare:
- Log in to your Cloudflare account and select your domain.
- Go to the DNS tab.
- Click Add record –> select TXT type.
If your domain provider is Godaddy:
- Log in to your Godaddy account.
- Go to Domains page, select the domain and click Manage DNS.
- Click Add record –> select TXT type.
If your domain provider is Google Domains:
- Log into your Google Domains account.
- Choose the domain and click the Manage button next to it.
- On the left side menu, choose the DNS section.
- Click Manage custom records button.
- Click Add new record and select TXT type.
Step 2: Add DKIM settings
Add the DKIM parameters to a newly created record.
In the Name or Host field, enter a DKIM name of your email provider (e.g. google._domainkey) followed by yourdomain.com or a subdomain.
Here’s the list of DKIM names for popular ESPs:
*replace yourdomain/subdomain with your actual domain address.
- Google Workspace (formerly G Suite): google._domainkey.yourdomain/subdomain
- Microsoft 365 (formerly Office 365): selector1._domainkey.yourdomain/subdomain
- Amazon Web Services (AWS) SES: amazonses._domainkey.yourdomain/subdomain
- SendGrid: s1._domainkey.yourdomain/subdomain
- Mailchimp: k1._domainkey.yourdomain/subdomain
- Zoho Mail: zoho._domainkey.
- Yahoo Mail: yahoo._domainkey.yourdomain/subdomain
- Mailgun: mg._domainkey.yourdomain/subdomain
In the Value field, enter the DKIM value provided by your email service provider in the Step 1.
If your provider is Namecheap:
Do not include the actual domain name in the Host field. For example, if you’re adding a record for “subdomain._domainkey.yourdomain.com,” only include “subdomain._domainkey” as the Host value.
Please be aware that the setup examples provided might change depending on the provider. If you find these examples aren’t helping you, feel free to reach out to us at help@snov.io to let us know.
Read next:
Read the following guides to complete your domain configuration for better deliverability: