Use the DKIM record checker to validate
your DKIM records
DKIM (DomainKeys Identified Mail) is an email authentication technique that allows the receiver to check that an email was indeed sent and authorized by the owner of the sending domain. It works together with DMARC.
You need a valid DKIM record to implement DKIM. The Mimecast DKIM Record Check will use the domain name and selector to check for a valid published DKIM record. Because DKIM authenticates the reputation and identity of the sender, we recommend you carefully test any DKIM record updates before applying them.
Your DNS record is:
Your DNS record is:
Your selector is:
Your domain is:
Full DKIM Record
Most ESPs use 1024-bit keys by default, but companies like Google use 2048-bit keys. We recommend 1024 or higher.
We have detected that the key length you use is
|DKIM protocol version.
|Some organizations assign specific business functions to discrete groups, inside or outside the organization. This key is to authorize that group to sign some mail, but to constrain what signatures they can generate. The DKIM granularity (the 'g=' tag) facilitate this kind of restricted authorization.
|The 'h=' tag provide a list of mechanisms that can be used to produce a digest of message data. ('sha1' or 'sha256' can be used).
|The 'k=' tag provide a list of mechanisms that can be used to decode a DKIM signature. ('rsa' is used most often).
|Notes that might be of interest to a human.
|Your base64 encoded public key.
|The 's=' provides a list of service types to which this selector may apply. ('*' and 'email' are used most often).
|The 't=' tag provides a list of flags to modify interpretation of the selector. These DKIM Selector Flags for additional flags are optional. ('y' and 's' are often used).
|Body length limits (in the form of the 'l=' tag) are subject to several potential attacks.
|The 'q=' tag-spec provides for a list of query methods. ('dns' is used most often)
Would you like your results emailed to you?
Check your email for details on your request.