DKIM Records

DKIM (DomainKeys Identified Mail) is an email authentication method that helps verify that an email was actually sent from your domain.

How DKIM Works

DKIM adds a cryptographic signature to outgoing messages. Receiving servers look up the matching public key — published as a DNS TXT record on your domain — and use it to confirm the message hasn't been forged or altered in transit. Each domain has its own unique key.

Setup Steps

  1. Obtain your key
    In DirectAdmin, go to Account Manager → DNS Records and select your domain to view its unique DKIM key.
  2. Add the DNS record
    Publish the key as a TXT record with the host name x._domainkey. You MUST include both the underscore (_) and the period (.) exactly as shown.
  3. Verify
    After publishing, DNS propagation typically takes 4–6 hours before verification tools can confirm the record is correct.

Record Format

Your record will look similar to the following, with a long public key in the p= field:

x._domainkey.yourdomain.com   TXT   "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ..."

Host name must be exact

The host must be x._domainkey — include both the underscore and the period exactly. A small typo here will cause verification to fail silently.

Common Complications

ProblemResolution
Provider adds quotation marks automaticallyRemove the extra quotes so the value isn't double-quoted.
Character limit on a single recordSplit the key into multiple quoted strings as your provider requires.
Verification not passing yetAllow 4–6 hours for DNS propagation before re-checking.

DKIM works best with friends

DKIM functions optimally alongside complementary authentication methods. Properly configured, it helps your email reach inboxes rather than spam folders and builds positive sending reputation.

Pair DKIM with an SPF Record and a DMARC Record for full authentication coverage.