DKIM Record Generator

Generate a valid DKIM DNS record for your domain. Choose your key type (RSA or Ed25519), set a selector, paste your public key, and get a ready-to-use TXT record with key generation commands.

Generate a valid DKIM DNS record for email authentication

Domain

Email provider (optional)

Selector

Identifies which DKIM key to use (e.g., "default", "google", "s1")

Key type

RSA key size (bits)

Keys larger than 1024 bits may exceed the 255-character TXT record limit. Your DNS provider may split this automatically.

Public key (PEM format)

Paste the public key from your key pair. The header/footer and whitespace will be stripped automatically.

DNS Record Name

default._domainkey.example.com

TXT Record Value

v=DKIM1; k=rsa; p=YOUR_PUBLIC_KEY_HERE

Generate a key pair

Run these commands to generate an RSA-2048 key pair:

openssl genrsa -out dkim_private.pem 2048

openssl rsa -in dkim_private.pem -pubout -out dkim_public.pem

Key size comparison

1024-bitBasic

Security: Basic

Compatibility: Universal

2048-bitRecommended

Security: Strong

Compatibility: Most providers

4096-bitMaximum

Security: Maximum

Compatibility: May need splitting

How to set up DKIM

Generate a public/private key pair using the commands above
Add the TXT record to your DNS with the name shown above
Configure your mail server to sign outgoing emails with the private key
Verify with a DKIM checker
Allow up to 48 hours for DNS propagation

About this tool

DKIM (DomainKeys Identified Mail) adds a cryptographic signature to your outgoing emails, proving they haven't been tampered with in transit. This generator creates the DNS TXT record you need to publish your DKIM public key. Pair it with SPF and DMARC for complete email authentication. After adding the record, verify it with our DKIM checker.

Frequently Asked Questions

More Free Tools

View all tools

Email Word Counter

Count words, characters, and reading time for your email content. Optimize email length for better engagement - includes benchmarks for different email types.

DNS Propagation Checker

Check if your DNS changes (SPF, DKIM, DMARC, MX records) have propagated globally. Verify your email authentication records are visible from servers worldwide.

BIMI Record Checker

Check if a domain has BIMI (Brand Indicators for Message Identification) configured. BIMI displays your brand logo next to emails in supported inboxes like Gmail and Apple Mail.

CIDR Calculator

Calculate IP address ranges from CIDR notation. Convert between CIDR, subnet masks, and IP ranges. Essential for configuring SPF records and understanding IP allowlists.

How to set up DKIM

About this tool

Frequently Asked Questions

What is a DKIM record?

Should I use RSA or Ed25519 for DKIM?

What is a DKIM selector?

How do I generate a DKIM key pair?

More Free Tools

Email Word Counter

DNS Propagation Checker

BIMI Record Checker

CIDR Calculator