DKIM Record Generator
Stop your email from being modified during transit with a DKIM record. Our free DKIM Record Generator helps you generate DKIM records in seconds!
DKIM Generator Results Explained
A DKIM record (a DNS TXT record) that contains various tags and their accompanying values is created when you utilize a DKIM record generation tool. These tags detail different DKIM configurations and parameters. Here are some potential DKIM tag outcomes when you use our DKIM generator and their justifications
Possible value: DKIM1
Explanation: Indicates the version of the DKIM protocol being used. DKIM1 is the current version.
Possible value: A long string of characters that represents the public key.
Explanation: This is the public key that email receivers use to verify the digital signature on incoming email messages.
Possible value: rsa or ed25519
Explanation: Specifies the cryptographic algorithm used to generate the public key. “rsa” is the most common choice, but “ed25519” is an option for more modern and secure cryptography.
Possible value: The signing algorithm, typically “rsa-sha256” or “ed25519-sha256.”
Explanation: Specifies the cryptographic algorithm used for creating the digital signature. “rsa-sha256” is commonly used with RSA keys, while “ed25519-sha256” is used with Ed25519 keys.
Possible value: A long string of characters representing the digital signature.
Explanation: This tag contains the actual DKIM signature value, which is the result of applying the private key to the canonicalized email headers and body. It’s used to verify the authenticity of the email message.
Possible value: A long string of characters representing the hash of the canonicalized body.
Explanation: This tag contains the hash value of the canonicalized body of the email message. It is used for body integrity checks and is compared with the hash of the actual message body during verification.
Possible value: y or s
Explanation: If set to “y,” it indicates that this is a testing or development DKIM record. If set to “s,” it indicates that it’s a production (live) DKIM record.
Possible value: A timestamp (Unix time).
Explanation: Indicates the date and time at which the DKIM signature should be considered expired. The email receiver may choose to ignore signatures that have passed their expiration time.
Possible value: From null to empty string
Explanation: Specifies the granularity of the domain that this DKIM record covers. A null value means the entire domain, while other values can limit the DKIM signature to specific subdomains or subdomain patterns.
Possible value: A selector name.
Explanation: The selector is a unique name used to distinguish different DKIM records for a domain. It’s typically created by the domain owner and published in the DNS.
How to use a DKIM Record Generator?
- Enter your domain name in the designated box (if your website URL is https://company.com, your domain name will be company.com without the prefix)
- Click on the “Generate DKIM record” button
- You will receive a DKIM key pair (private and public keys)
- You need to publish on your public key on your domain’s DNS
Creating a DKIM Record for Your Domain
In order to authenticate and secure email, your domain has to create DKIM record. DKIM makes it possible to confirm the legitimacy of the sender’s domain and guarantees that the email message was not changed in transit. This is essential for reducing the risk of email spoofing and phishing scams as well as for increasing email deliverability.
Here’s why it matters:
- DKIM’s authentication feature increases trust and lessens the chance of phishing by enabling email recipients to confirm that the message they received indeed originated from the domain it claims to be from
- To guarantee that the email has not been tampered with during transmission, DKIM digitally signs the email’s content and headers.
- To ascertain whether an email is authentic, several email services employ DKIM as one of the parameters. Your email’s chances of arriving in the recipient’s inbox as opposed to the spam bin can be increased if it has a verified DKIM signature.
