DKIM Records
DKIM (DomainKeys Identified Mail) is an email authentication method that helps verify that an email was actually sent from your domain.
How DKIM Works
DKIM adds a cryptographic signature to outgoing messages. Receiving servers look up the matching public key — published as a DNS TXT record on your domain — and use it to confirm the message hasn't been forged or altered in transit. Each domain has its own unique key.
Setup Steps
- Obtain your key
In DirectAdmin, go to Account Manager → DNS Records and select your domain to view its unique DKIM key. - Add the DNS record
Publish the key as aTXTrecord with the host namex._domainkey. You MUST include both the underscore (_) and the period (.) exactly as shown. - Verify
After publishing, DNS propagation typically takes 4–6 hours before verification tools can confirm the record is correct.
Record Format
Your record will look similar to the following, with a long public key in the p= field:
x._domainkey.yourdomain.com TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ..."
Host name must be exact
The host must be x._domainkey — include both the underscore and the period exactly. A small typo here will cause verification to fail silently.
Common Complications
| Problem | Resolution |
|---|---|
| Provider adds quotation marks automatically | Remove the extra quotes so the value isn't double-quoted. |
| Character limit on a single record | Split the key into multiple quoted strings as your provider requires. |
| Verification not passing yet | Allow 4–6 hours for DNS propagation before re-checking. |
DKIM works best with friends
DKIM functions optimally alongside complementary authentication methods. Properly configured, it helps your email reach inboxes rather than spam folders and builds positive sending reputation.
Pair DKIM with an SPF Record and a DMARC Record for full authentication coverage.