Smartlead’s DKIM record checker or lookup tool is a free online service that helps you verify the validity and configuration of a DKIM (DomainKeys Identified Mail) record. Think of it like an inspector for your email security system.
Once you enter a DKIM Record in the tool, it will retrieve all the details pertaining to the record as published in its domain’s DNS. The tool then analyzes the record for errors or syntax mistakes that might prevent it from working correctly.
You will get clear feedback on whether the DKIM record is set up properly and can effectively authenticate emails sent from that domain.
A DKIM record, structured as a DNS TXT entry, holds the public key necessary for a receiving mail server to authenticate a message's signature. It encompasses essential details such as name, version, key type, and the actual public key. Typically, this record is provided by the email service provider responsible for sending your emails.
Here's how it works:
• When you send an email, a private key associated with your DKIM record digitally signs the email header.
• The receiving email server retrieves the public key from your domain's DKIM record.
• The receiving server uses the public key to verify the digital signature on the email header.
If the signature matches, it indicates the email hasn't been tampered with in transit.
If the signature fails, it raises a red flag, suggesting potential tampering.
DKIM helps ensure emails haven't been modified after they are sent. By preventing fraudulent emails from appearing to come from your domain, DKIM safeguards your sender's reputation and improves email deliverability
Record
Type
Value
Time to live (TTL)
WWW
CNAME
abc.com
3600
DKIM records follow a specific format. Here's a simplified example:
• Name: selector1._domainkey.example.com
• Type: TXT
• Content: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDd7VxF6wIeE2jWmbSbHLG58mgU3RQo/
h7v5Z+M3dX4V+5R9h2OY+xqL2Qj0CwHkgglAqRthetT7X0TyKgj+LTz6C9usvGIR4EPhNLFq53RbWEJ/39vkcX0JhL4DduaJJRi2ICnDvlmrX8eIaVKf5QryP6zRSfumMf+pHSwIDAQAB
• TTL: 3600
Here’s the breakdown of the above example:
• Name: selector1._domainkey.example.com is the specific name for the DKIM record. The _domainkey portion is a convention, and selector1 is a selector that typically refers to a specific email source within the domain example.com.
• Type: TXT indicates the type of DNS record, in this case, it's a text record.
• Content: This field holds the actual DKIM public key information. It will be a long string of characters generated during the DKIM setup process.
• TTL (Time To Live): This field defines how long other DNS servers can cache this record before refreshing it from the authoritative source (your DNS provider). It's specified in seconds. A common TTL value is 3600 seconds (1 hour).
SPF checks authorized email senders based on IP addresses. DKIM verifies the email content hasn't been tampered with using digital signatures.
While each offers distinct benefits, using both SPF and DKIM provides a more robust email authentication system.
The technical setup might require some expertise. However, many email service providers offer user-friendly interfaces or instructions for configuring DKIM records.
There could be a few reasons for this:
• Incorrect Configuration: Double-check your DKIM record for any typos or errors in syntax.
• Propagation Delay: Changes to DNS can take some time to propagate across the Internet. Be patient after making edits to your DKIM record.
• Third-Party Sending Services: If you use a third-party service to send emails on your behalf, ensure their configuration aligns with your DKIM record.
If you're still facing issues after addressing these potential causes, consider getting in touch with your email service or hosting provider.