What is
DKIM?
DKIM cryptographically signs outgoing emails using a private key. The public key is published in DNS, allowing recipients to verify the email's authenticity.
Why it
matters.
DKIM proves that emails actually came from your domain and haven't been modified in transit. It works with SPF and DMARC to provide complete email authentication.
What can
go wrong.
If DKIM is missing: recipients cannot verify email authenticity, emails may be marked as spam, and you cannot prove emails came from your domain in legal disputes.
Technical
details.
DKIM uses a selector (like "google", "default", "mail") combined with "_domainkey" subdomain. The selector._domainkey.domain.com DNS record contains the public key. We check 250+ common selectors to find DKIM records.
Check your domain’s
DKIM records.
Run a free security check to see how your domain scores across all sixteen checks, including DKIM validation.