DKIM Record Lookup: Validating Your Email Authentication
What is a DKIM Record?
DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in emails (email spoofing). It allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain.
A DKIM record is a text (TXT) record published in your domain's DNS. It contains a public key that receiving mail servers use to verify a digital signature attached to your emails. If the signature matches, it proves the email hasn't been altered in transit and truly originated from your domain.
Why is DKIM Important?
- Prevents Email Spoofing: DKIM makes it extremely difficult for attackers to impersonate your domain and send phishing emails.
- Improves Email Deliverability: Email providers (like Gmail, Yahoo, Outlook) trust authenticated emails more. Correct DKIM records ensure your legitimate emails land in the Inbox, not the Spam folder.
- Protects Brand Reputation: By preventing abuse of your domain, you maintain a positive sender reputation.
- Required for DMARC: DKIM is a key component of DMARC (Domain-based Message Authentication, Reporting, and Conformance), which provides even stronger protection and policy control.
How to Use This Tool
- Enter Domain Name: Type the domain name you want to check (e.g.,
google.com) into the "Domain Name" field. - Enter Selector: The "selector" is a string used to identify the specific public key. Common selectors include
default,google,mail, or a date-based string like20230601. If you are unsure, trydefaultor check your email provider's settings. - Click Check: Hit the "Lookup DKIM Record" button. The tool will query the DNS for the specific TXT record at
selector._domainkey.domain. - Analyze Results: Review the raw record and the parsed tag analysis to ensure your public key (p=) and key type (k=) are correctly configured.