AUTH-02 / EMAIL AUTHENTICATION
DKIM Checker
Scan for common DKIM selectors, or check a specific selector you already know.
About the DKIM Checker
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to your outgoing email so receiving servers can confirm it wasn't altered in transit and really came from your domain. DKIM records live at a selector-specific subdomain, which makes them easy to miss. This tool scans common selectors and lets you check a specific one.
What this tool checks
It looks up TXT records at selector._domainkey.yourdomain.com for a set of common selectors used by major providers (Google, Microsoft, and others), and reports any that contain a valid DKIM public key.
Finding your selector
Every DKIM key is published under a selector chosen by your mail provider. If the common-selector scan doesn't find yours, check a signed email's headers for the s= value in the DKIM-Signature line, then enter that selector directly.
Frequently asked questions
What is a DKIM selector?
A selector is a label your mail provider uses to publish a specific DKIM key, forming the hostname selector._domainkey.yourdomain.com. Providers pick their own selectors, such as google, selector1, or k1.
How do I find my DKIM selector?
Open a message you sent, view its raw headers, and find the DKIM-Signature line. The s= value is your selector and the d= value is your signing domain.
Do I need DKIM if I already have SPF?
Yes. SPF and DKIM protect against different things, and DMARC requires at least one of them to pass with alignment. Publishing both gives the strongest deliverability and anti-spoofing protection.