Free DKIM checker

Enter your domain: we look for your DKIM keys across the selectors used by major providers.

Free, no signup. Result in 15 seconds, with the full report (SPF, DKIM, DMARC, website).

What does this DKIM test check?

DKIM publishes a public key in your DNS under a "selector" (e.g. selector1._domainkey.yourdomain.com). Our test queries 21 common selectors — Microsoft 365, Google Workspace, Zoho, Mailchimp and others — to detect whether your emails are digitally signed.

What is DKIM for?

DKIM adds a cryptographic signature to every outgoing email. The recipient verifies the signature with your public key: if the content was altered in transit or the sender doesn't hold the key, verification fails. It's also one of the two pillars DMARC relies on.

An honest limitation

Some providers use custom or rotating selectors this test cannot guess. If your provider signs with an unusual selector, the test may show "not detected" even though DKIM works. The full report then tells you where to double-check with your provider.

Frequently asked questions

What is a DKIM selector?

The name under which your DKIM public key is published in DNS (selector1._domainkey.domain.com). Each provider uses its own selectors: selector1/selector2 for Microsoft 365, google for Google Workspace, etc.

DKIM not detected — is it serious?

If your domain sends email, yes — enable DKIM with your provider (it's free and usually one button + 2 DNS records). If the test detects nothing but your provider confirms DKIM is active, it may be a custom selector.

Does DKIM replace SPF?

No, they complement each other: SPF validates the sending server, DKIM validates message integrity and origin. DMARC requires at least one of the two to pass AND align with your domain.

Helpful guides