How to set up DKIM for your domain

DKIM (DomainKeys Identified Mail) is an email authentication method that helps receiving mail servers verify that your emails are legitimate and have not been modified during delivery.

Setting up DKIM ensures that every email sent from your domain is digitally signed, allowing mailbox providers like Gmail, Outlook, and Yahoo to verify the authenticity of the message. This helps improve deliverability and protects your domain from spoofing.

DKIM is typically configured in two places:

• Your email provider, where the DKIM key is generated
• Your domain DNS settings, where the DKIM public key is published

Before you start

Make sure you have access to the following:

• Your email provider admin panel (Google Workspace, Microsoft 365, etc.)
• Your domain DNS provider (GoDaddy, Cloudflare, Namecheap, etc.)

DKIM requires adding a TXT record to your domain’s DNS settings.

Step 1: Generate a DKIM record

Log in to your email provider’s admin panel and locate the DKIM configuration section.

Most email providers will generate a DKIM record automatically for your domain. This record contains:

• a selector (identifier for the DKIM key)
• the public key used for verification

The generated DKIM record usually looks similar to this:

selector._domainkey.example.com
TXT
v=DKIM1; k=rsa; p=PUBLIC_KEY

Where:

v = DKIM version
k = encryption key type
p = public key used to verify the email signature

Step 2: Add the DKIM record to your DNS

Log in to your domain’s DNS management panel and add the DKIM TXT record provided by your email provider.

Typical DNS record details:

Host / Name
selector._domainkey

Type
TXT

Value
v=DKIM1; k=rsa; p=PUBLIC_KEY

Save the record once added.

DNS changes may take up to 24–48 hours to fully propagate.

Step 3: Enable DKIM signing

After the DNS record is added, return to your email provider’s dashboard and enable DKIM signing.

Once enabled, your email server will start attaching a DKIM signature to every outgoing email sent from your domain.

Step 4: Verify DKIM configuration

After setup, it is important to confirm that DKIM is working correctly.

You can verify DKIM using:

• your email provider’s verification tool
• email deliverability testing tools
• DNS record checkers

Verification usually involves sending a test email and checking whether the message passes DKIM authentication.

Common setup issues

DNS record not found

If DKIM verification fails, the DNS record may not have propagated yet. Wait a few hours and check again.

Incorrect selector

The selector used by your email provider must match the selector published in the DNS record.

Formatting errors

Even small syntax mistakes in the TXT record can cause DKIM validation to fail.

Multiple DKIM records

If multiple DKIM records exist for the same selector, authentication may fail.