DKIM Record

DKIM (DomainKeys Identified Mail) is an email authentication method designed to detect email spoofing. It allows an organization to claim responsibility for a message by associating a domain name with the message through cryptographic authentication.

To set up DKIM for a domain, you need to publish a DKIM record in your domain’s DNS settings. The DKIM record includes a public key that email servers can use to verify the signature of emails sent from your domain.

Here’s an example of how a DKIM record might look:  IN  TXT  "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnLvmzENqAYwZWTWcFO2m6kzjzXihzLMfZnK4wtp+HbUWJ62D4Z4wFVM05+4rI7VgdP2LKXlGG8kqwlh5EmEX8+GiC+g2z+BQ/QwyNvT0nxDsIS8PLFh7F0d0CNV7VqZjKFtX6DwokLNSylBZozWdSJtWk3sN+UBOIQID9CPpqwIDAQAB"

In this example:

  • is the selector and domain combination. The selector specifies which key is being used for signing, and the domain indicates the domain for which the DKIM record is valid.
  • IN specifies the class of the record (Internet).
  • TXT indicates the type of record.
  • "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnLvmzENqAYwZWTWcFO2m6kzjzXihzLMfZnK4wtp+HbUWJ62D4Z4wFVM05+4rI7VgdP2LKXlGG8kqwlh5EmEX8+GiC+g2z+BQ/QwyNvT0nxDsIS8PLFh7F0d0CNV7VqZjKFtX6DwokLNSylBZozWdSJtWk3sN+UBOIQID9CPpqwIDAQAB" is the DKIM public key.

When an email is sent from a domain with DKIM enabled, the sending server adds a digital signature to the email header. The receiving server then verifies this signature by looking up the DKIM record in the sender’s DNS settings and using the public key found there. If the signature is valid, it indicates that the email has not been tampered with during transit and that it originated from the claimed sender domain.

Discover more from

Subscribe to get the latest posts to your email.

Leave a Reply

Select your currency
ZAR South African rand

Discover more from

Subscribe now to keep reading and get access to the full archive.

Continue reading

Scroll to Top