DKIM Record Checker
Free online DKIM checker tool to lookup, check, and validate your DKIM DNS record with a single click and improve email deliverability.
Free online DKIM checker tool to lookup, check, and validate your DKIM DNS record with a single click and improve email deliverability.
Valid DKIM record | |
Public Key Found | |
Key Algorithm | |
Error Details | |
Warning |
Tag | Value | Description |
---|---|---|
v | Version | |
g | Granularity of the key | |
h | DKIM hash algorithm | |
k | DKIM key type | |
n | Notes | |
p | Public Key | |
s | Service type | |
t | Flag |
A DKIM checker is an online tool that examines email messages’ DomainKeys Identified Mail (DKIM) digital signatures. With the use of the DKIM email authentication protocol, the sender of an email can digitally sign the message, demonstrating that it came from a reliable source and wasn’t altered while in transit.
The DKIM email authentication technique can aid you in combating email spoofing, phishing attacks, and other fraudulent email practices. Along with other protocols like SPF and DMARC, it can also reduce email deliverability issues.
But what is DKIM and why you need it in the first place?
DKIM is a protocol that verifies the authenticity of emails sent from/on behalf of your domain. During authentication, a DKIM signature is appended to outgoing emails. This signature or private key is matched with a DKIM public key published on your Domain Name System. A match indicates the genuinety of the message.
More often than not, attackers can intercept email communications and make changes to the message content. They may include suspicious phishing links or attachments laden with malware. DKIM comes in handy during these situations to verify that the message content has not been altered throughout its journey.
Our DKIM test tool is valuable for email administrators, email service providers, and email security professionals to set up and validate DKIM key pairs for their domains so they can effectively verify the DKIM-signature email header configured for your domain. Checking DKIM records with our DKIM tester can ensure that emails are legitimately sent from the claimed domain and email address and that the email content has not been altered in transit.
The process for using our DKIM checker to perform DKIM lookups is pretty straightforward. These are the steps:
Start by entering the domain for which you wish to lookup DKIM key pair in the input field in our DKIM test tool. Typically, this is the domain of the email sender whose identity you want to confirm.
The DKIM public key can be easily retrieved from a domain’s DNS records using a DKIM checker tool, which is necessary for confirming the validity of email communications and guarding against email spoofing and phishing attempts. Performing DKIM tests is essential to email security since it makes sure that messages are transmitted from trusted sources and are not corrupted while in transit.
When you use a DKIM lookup tool to query a domain’s DNS for DKIM records, you can receive various results, depending on what information is found in the DNS records. Here are the possible DKIM test results:
Valid DKIM Record
Invalid DKIM Record
No DKIM Record Found
DKIM Selector Not Found
DKIM Key Mismatch
Incomplete Information
DKIM signatures are created by the sending mail server and added as headers to outgoing email messages. These signatures contain various tags, each serving a specific purpose in the DKIM authentication process. Here are some common DKIM tags:
Tags | Description |
v | This tag specifies the DKIM version being used. For example, “v=1” indicates the 1st version of the DKIM protocol. |
p | A mandatory field that specifies the DKIM public key. |
a | The “a” tag specifies the cryptographic algorithm used to create the signature. Common values include “rsa-sha1” and “rsa-sha256”. |
s | This tag specifies the DKIM selector. The selector is a string used to locate the DKIM public key in the DNS records of the signing domain. |
h | The “h” tag lists the headers that are included in the signature. It specifies which message headers are being signed. |
b | The “b” tag contains the cryptographic signature itself. It is generated using the private key of the sending domain and is used to verify the authenticity of the message. |
bh | This tag contains the hash of the email body. It is used to verify that the body of the message has not been altered during transit. |
You can check DKIM manually for specific email messages by analyzing your email headers. To do so:
Your lookup may lead to the discovery of several errors and vulnerabilities in your authentication system, and you need to take steps to resolve them quickly before the next attack incident. To troubleshoot:
“Very easy and intuitive multi-tenant management. Flexible partner program with easy to work with terms and pricing. Overall a fantastic company, product, and MSP vendor.”
Joe Burns | Co-founder and CEO of Reformed IT