What is DKIM Record?

DKIM (DomainKeys Identified Mail) is a mechanism that allows senders to associate a domain name with an e-mail message. In technical terms, DKIM is a technique to authorize a domain to associate its name to an email message through cryptographic authentication. Once you sign an email with DKIM, you add a DKIM signature header and encrypt it. The sending email server is signing the emails with the private key. The recipient can use the DKIM record by performing a DNS query on the domain. There is a public key inside that the recipient uses to confirm the message is legit and verify the sender using the information in the header. The DKIM record is a way to prove emails can be trusted.

DKIM has the following look in your account:

Host Type Points to: TTL
_domainkey.yourdomain.com TXT DKIM-specific-text 3600

In ClouDNS, you can use it by creating a TXT record.

Why do you need a DKIM record?

DKIM provides an encryption key and digital signature that verifies that an email message was not forged or altered. The properly implemented DKIM record will improve the security of your email deliverability significantly. Thanks to the DKIM record, your recipients will have more trust in your domain. There will not be phishing or spoofing attacks on behalf of your domain. That way, your recipients will be safe, and you guarantee the positive reputation of your domain. DKIM record provides security to your domain’s mail server, and you can combine it with other DNS records like DMARC for even better protection. In addition, it is very easy to create it!

How to create a DNS DKIM Record?

To create DKIM, go to your DNS Zone Control Panel, click on "Add new record" and type, as follow:

Type: TXT
Host: (something.)_domainkey
Points to: DKIM-specific-text


Host: The host is given you by the domain key generator (it may be something._domainkey or only _domainkey)

Points to: DKIM-specific-text (this string here is also given by the DKIM generator)

You can see the example below:


How to add a DKIM record - Step by Step video:

How to start managing DKIM records for your domain name?

  1. Open free account from here - free forever
  2. Verify your e-mail address
  3. Log into your control panel
  4. Create new Master DNS from the [add new] button - read more here
  5. Add or modify the DKIM records you need as it is described in this article

DKIM record vs. SPF record

With the SPF record, you can specify precisely which mail servers and IP addresses are allowed to send email messages on behalf of your domain. It helps detect forgery and prevent spam. On the other hand, the DKIM record provides an encryption key and digital signature that confirms that an email message was not forged or modified. It prevents the delivery of harmful emails like spam. It is best if you use both DNS records for complete security and to ensure safe email communication.

How to check DKIM records?

It is actually really easy to check your DKIM records. Here is how to do it in several different ways:

Nslookup command
You can use this command if you are a Windows, Linux, or macOS user. Type the following to find all TXT records for the specific host, including DKIM records:

nslookup selector._domainkey.domain txt

Dig command
The Dig command is a perfect option for anyone using Linux or macOS. Simply write the following, and you will view all the available TXT records for the specific host:

dig selector._domainkey.domain txt

Host command
The Host command is another great tool that can help you check your DKIM record. Type the following:

host -t txt _domainkey.domain.com

*Make sure to replace "selector" and "domain" with the corresponding DKIM selector and domain you want to check.

Support of DKIM records

ClouDNS provides full support for DKIM records for all our DNS services, including the listed below. Just write to our technical support, if you need any assistance with your DKIM records configuration. Our Technical Support team is online for you 24/7 via live chat and tickets.

Last modified: 2022-06-13
Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more