Using DKIM to help with email delivery
DKIM stands for DomainKeys Identified Mail. DKIM and DMARC allow the receiving email server to verify the authenticity of messages sent from your domain, which helps prevent email spoofing.
In this article
Should I use DKIM?
While DKIM isn't required, having emails that are signed with DKIM appear more legitimate to your recipients and are less likely to go to Junk or Spam folders. Like SPF, passing DKIM is required for "Domain-based Message Authentication, Reporting & Conformance" (DMARC), a newer standard to reduce email spoofing which builds on top of SPF and DKIM. To learn more, read our help article on DMARC.
In addition to verifying the authenticity of an email message, DKIM also provides a way for ISPs to track and build a reputation on your domain's sending history. This is why we strongly encourage signing DKIM with your own domain, allowing you to build a reputation as opposed to using our sending domain. This reputation is portable and will help you control your reputation and sending practices across multiple sources.
Setting up DKIM
Before you get started, make sure that you have access to your domain control panel, and the ability to create new DNS records. You'll need to create two CNAME records for DKIM.
Open a mailbox, then navigate to the Connection Settings page.
On the Sending Email tab, expand the DKIM section to get started.
The first CNAME record should match values seen in the
Record 1 table, with the
First Host value being the
Hostname, and the
Suggested target value being the
The second CNAME record should match values seen in the
Record 2 table. In our example below, we're setting up the first CNAME record via
- After you've saved your new CNAME records, you can return to the DKIM section and click the Test Settings button to validate DKIM setup. Remember, it can take up to 24 hours before DNS changes propagate.