Free DKIM Checker Tool
Use our free DKIM checker tool to lookup, check, and validate your DKIM DNS record with a single click and improve email deliverability.
Use our free DKIM checker tool to lookup, check, and validate your DKIM DNS record with a single click and improve email deliverability.
Domain
Selector
DKIM Status
DKIM Status
Record Checks
Valid DKIM record | |
Public Key Found | |
Key Algorithm | |
Error Details | |
Warning |
Tag | Value | Description |
---|---|---|
v | Version | |
g | Granularity of the key | |
h | DKIM hash algorithm | |
k | DKIM key type | |
n | Notes | |
p | Public Key | |
s | Service type | |
t | Flag |
The process for using our DKIM checker to perform DKIM lookups is pretty straightforward. These are the steps:
Our DKIM lookup tool analyzes your DKIM DNS records to produce various results. These results convey the information found during the checking process. Below you will find a detailed explanation of some possible DKIM test results:
Result: Valid DKIM Record
Explanation: This means that your domain is correctly configured with DKIM, and the DKIM record published on your DNS is correct. You are looking for this result as it indicates that your domain is protected using DKIM authentication.
Result: Invalid DKIM Record
Explanation: This indicates the DKIM record in your DNS is invalid. This can happen due to a variety of reasons including syntax errors, incorrect formatting, or missing fields. The best course of action on getting this result is to create your DKIM records again using an automated online tool and republish it without trying to manually implement your record.
Result: No DKIM Record Found
Explanation: This indicates that the domain may not have implemented DKIM authentication. A missing record is the most common reason behind this result. In case you come across this result, you can request DNS hosting provider to republish your DKIM record and check again once implemented.
Result: DKIM Selector Not Found
Explanation: Your DKIM selector is a mandatory part of a DKIM record that allows receiving MTAs to locate the correct record for a domain. If our DKIM tester tool informs that your selector is missing, you should edit your DNS information to include a selector in your record.
Result: DKIM Key Mismatch
Explanation: This result indicates that there is a mismatch between your DKIM public and private keys. Your DKIM public key is published on your DNS and accessible to all, while your DKIM private key is used to sign your outgoing messages. During DKIM authentication, the key values are tallied to confirm a match – indicating authenticity of your message.
You can check DKIM manually for specific email messages by analyzing your email headers. To do so:
A DKIM checker is an online tool that examines the digital signatures of email messages using DomainKeys Identified Mail (DKIM). With the use of the DKIM email authentication protocol, the sender of an email can digitally sign the message, demonstrating that it came from a reliable source and wasn’t altered while in transit.
The DKIM email authentication technique can aid you in combating email spoofing, phishing attacks, and other fraudulent email practices. Along with other protocols like SPF and DMARC, it can also reduce email deliverability issues.
What is DKIM and why do you need it?
DKIM is a protocol that verifies the authenticity of emails sent from/on behalf of your domain. During authentication, a DKIM signature is appended to outgoing emails. This signature or private key is matched with a DKIM public key published on your Domain Name System. A match indicates the genuineness of the message.
More often than not, attackers can intercept email communications and make changes to the message content. They may include suspicious phishing links or attachments laden with malware. DKIM comes in handy during these situations to verify that the message content has not been altered throughout its journey.
Our DKIM test tool is valuable for email administrators, email service providers, and email security professionals to set up and validate DKIM key pairs for their domains so they can effectively verify the DKIM signature email header configured for your domain. Checking DKIM records with our DKIM tester can ensure that emails are legitimately sent from the claimed domain and email address and that the email content has not been altered in transit.
To use a DKIM test tool, you first need to enter the domain name of the sender whose email you want to verify. This domain name is where the DKIM public key is stored. Once you input the domain, the tool will query the DNS to retrieve this public key.
The DKIM public key can be easily retrieved from a domain’s DNS records using a DKIM checker tool, which is necessary for confirming the validity of email communications and guarding against email spoofing and phishing attempts. Performing DKIM tests is essential to email security since it makes sure that messages are transmitted from trusted sources and are not corrupted while in transit.
DKIM signatures are created by the sending mail server and added as headers to outgoing email messages. These signatures contain various tags, each serving a specific purpose in the DKIM authentication process. Here are some common DKIM tags:
Tags | Description |
v | This tag specifies the DKIM version being used. For example, “v=1” indicates the 1st version of the DKIM protocol. |
p | A mandatory field that specifies the DKIM public key. |
a | The “a” tag specifies the cryptographic algorithm used to create the signature. Common values include “rsa-sha1” and “rsa-sha256”. |
s | This tag specifies the DKIM selector. The selector is a string used to locate the DKIM public key in the DNS records of the signing domain. |
h | The “h” tag lists the headers that are included in the signature. It specifies which message headers are being signed. |
b | The “b” tag contains the cryptographic signature itself. It is generated using the private key of the sending domain and is used to verify the authenticity of the message. |
bh | This tag contains the hash of the email body. It is used to verify that the body of the message has not been altered during transit. |
Your lookup may lead to the discovery of several errors and vulnerabilities in your authentication system, and you need to take steps to resolve them quickly before the next attack incident. To troubleshoot: