Select theme:
DKIM (DomainKeys Identified Mail) is a DNS record that stores a public key used by receiving mail servers to verify a digital signature attached to your emails. It acts like a Digital Wax Seal: it proves that the email actually came from your domain and that the content wasn't tampered with during transit.
To find a DKIM record, you must know the Selector. A selector is a specific "sub-key" used by your email provider (like Google, Microsoft, or Mailchimp).
selector._domainkey.yourdomain.comdkim-signature.s= tag (e.g., s=google). That "google" is your selector!Because a domain can use multiple email services (e.g., Gmail for staff and Mailchimp for newsletters), each service needs its own unique DKIM key. The selector tells the internet which specific key to look for.
Yes. In fact, you should have multiple records if you send mail through different platforms. Unlike SPF, there is no "limit" to how many DKIM records you can have, as long as they each use a unique selector.
Security best practices recommend changing (rotating) your DKIM keys every 6–12 months. This ensures that if a private key is ever compromised, the window of risk is limited.
No. DKIM only signs the message content and headers. It does not hide the path the email took to reach the recipient.
Try UptimeObserver today. Setup in 2 minutes.