Free DKIM Checker

Look up and validate the DKIM record on any domain. Confirm your email is signed correctly and catch the errors that send mail to spam.
DKIM Checker by

Never worry about DNS set up again

With Mailforge and Infraforge all of that will be done for you, no extra effort or payment required. And then you can manage all your sequences in Salesforge.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

What Is a DKIM Checker?

A DKIM checker reads the DKIM record on a domain and confirms it is valid. DKIM, short for DomainKeys Identified Mail, adds a cryptographic signature to your outgoing email, with the matching public key published in DNS under a selector. When a provider receives your message, it checks the signature against that key to confirm the email was not altered and really came from your domain. The checker pulls the record by selector, validates the public key and syntax, and flags anything that would cause signing to fail.

How the DKIM Checker Works

1. Enter your domain and selector: Provide the domain and the DKIM selector your provider uses.

2. We pull the record: The tool queries DNS and retrieves the DKIM record for that selector.

3. We validate the key: It confirms the public key is present, correctly formatted, and strong enough to sign mail.

4. You get the result: If the selector is missing or the key is broken, you get plain steps to fix it.

Why It Matters

Prove Your Email Is Real

DKIM is how mailbox providers confirm your message was not tampered with in transit and genuinely came from your domain. A valid signature builds trust and lifts inbox placement. A broken or missing one removes a key signal providers rely on, which drags your mail toward spam.

Catch Selector and Key Errors

DKIM breaks quietly. A selector that does not exist in DNS, a malformed key, or a key that is too weak all cause signing to fail without an obvious symptom. The checker surfaces these so you can fix them before they cost you deliverability.

Complete Your Authentication Stack

DKIM works alongside SPF and DMARC. Providers expect all three from legitimate senders. Confirming DKIM is valid is one part of proving you are who you say you are, which is what keeps you in the inbox at volume.

Frequently Asked Questions

If you don't find an answer to your question below, contact us via chat!

What is a DKIM record?

A DKIM record is a DNS entry holding the public key used to verify your email's signature. It sits under a selector, and providers use it to confirm your message was not altered and came from your domain.

What is a DKIM selector?

A selector is a label that points to a specific DKIM public key in your DNS. A domain can have several selectors for different sending services, so you need the right one to look up the matching record.

How do I check my DKIM record?

Enter your domain and selector into the checker and run it. The tool reads DNS, validates the public key and syntax, and tells you whether signing is set up correctly, along with how to fix any problem.

My DKIM passes but email still goes to spam. Why?

DKIM is one of three signals. Confirm SPF and DMARC are also set up, check your content for spam triggers, and make sure your domain and IP are not blacklisted. Strong deliverability needs all three records plus good sending habits.

Is the DKIM checker free?

Yes. Enter your domain and selector, run the check, and get the result with fixes. No account required.

What does a DKIM record look like?

A DKIM record is a TXT entry in DNS under a selector, containing a version tag, a key type, and a long public key string, for example v=DKIM1; k=rsa; p=MIGfMA0... The checker retrieves and validates this for you

How do I find my DKIM selector?

The selector is set by your email provider and usually appears in the DKIM setup instructions or in the headers of an email you have sent. Common selectors include google, selector1, and k1. You need it to look up the matching record.

Can I have more than one DKIM record?

Yes. Unlike SPF, a domain can have multiple DKIM records, each under its own selector, for different sending services. Each selector points to its own key, so they do not conflict.

What key length should my DKIM use?

2048-bit is the current standard and stronger than 1024-bit. If your record uses a 1024-bit key, consider regenerating it at 2048-bit, as long as your DNS host supports the longer value.