IN THIS ARTICLE
1. What is DKIM?
DKIM uses a pair of keys, one private and one public, to verify messages. By encrypting private and public keys in the email header, your domain gets validated. In short, by setting DKIM on your DNS, you let your recipients know that your emails come from authorized servers. Learn more about DKIM by consulting your hosting's help page.
2. Why do you want to set it up?
Avoid spam issues,
you're being recognized as a valid sender,
your domain is authenticated, which means you protect its good reputation,
higher open rate,
lower bounce rate,
higher response and satisfaction rate.
Have a look at our Blog to learn more.
3. How do you set up DKIM?
The way you set up your DKIM record depends on your domain host.
To set DKIM on your server, first, you need to generate the public key. To do that, you need to log in to your email’s provider admin console. The next steps may differ depending on your email provider.
If you’re using Google Apps to send your emails, here’s a step-by-step instruction. Google Apps email users, you should know that on default the DKIM signatures are turned off, so you need to turn them on manually in your Google Admin console.
When you have the public key, you take the generated txt record and paste it in the right place into your DNS records. Here's the example:
Finally, you need to turn on email signing to start sending emails including your signature encrypted with your private key. Here’s how to do it, if you’re using Google Apps to send your emails.
DKIM Key Rotation
The security community recommends regularly changing the encrypted tokens of your DKIM records to enhance the security of your authentication configuration. The typical schedule for rotation is at least once every 12 months.
4. Below, you'll find the guides to the most common email service providers (ESP):
GoDaddy doesn't support DKIM. Check out SPF info
Amazon SES DKIM
Head over to our blog to learn more about What is DKIM & SPF? And How to Set It Up? »
Q: What about DMARC? Do I need to set it up?
Although DMARC isn't obligatory and there is no need to have it, we advise you to give it a go. DMARC is an extra safety measure that helps to protect your brand reputation. All in all, you want to have your emails delivered directly to your prospects' inboxes, and DMARC is that one more extra super-power worth to arm your domain with. Read more »
Q: I'm not sure how to set up DKIM. What should I do?
Please consult your domain host and ask them for help. They know best what your DKIM is and how to add it swiftly to your DNS.