Generate DKIM Records for Email Authentication
Create DKIM (DomainKeys Identified Mail) records to cryptographically sign your emails and prove they haven't been tampered with. Choose your email provider or generate custom keys for self-hosted servers.
Frequently Asked Questions
Complete Your Email Authentication
DKIM works best with SPF and DMARC. Set up all three for complete email authentication.
Why DKIM Matters for Email Security
DKIM adds a cryptographic signature to every email you send. The receiving mail server uses your public key (published in DNS) to verify the signature. This proves two things: the email actually came from your domain, and the content wasn't modified in transit.
Without DKIM, your emails are more likely to be flagged as spam or rejected entirely. Major email providers like Gmail, Outlook, and Yahoo strongly prefer emails with valid DKIM signatures. Combined with SPF and DMARC, DKIM forms the foundation of modern email authentication.
1024-bit vs 2048-bit Keys
We recommend using 2048-bit keys for better security. While 1024-bit keys are still supported by most providers, they're considered less secure and may be deprecated in the future. The only downside of 2048-bit keys is they create longer DNS records, which some older DNS providers may have trouble with.