How to add DKIM record

In this article I will give an example of generating keys and adding DKIM records.

In the Linux terminal, execute the command to generate a secret key with a length of 1024, you can specify 2048, but not all DNS servers can accept (this key is not shown to anyone):

openssl genrsa -out private.pem 1024

We get the public key from the secret (we will specify it in the TXT DNS server records):

openssl rsa -pubout -in private.pem -out public.pem

You can use the free service to generate DKIM, but I do not recommend.

Now you need to specify these keys in the mail server settings, and also add a TXT record in the DNS server settings, for example:

default._domainkey TXT "v=DKIM1; k=rsa; p=..."


default – selector, in this case, I have specified for the main domain, you can specify a subdomain here, for example, mail._domainkey or default._domainkey.mail.

v – DKIM version.

k – key type.

p – public key.

You can also specify:

t=y – test mode.

t=s – determines that the entry applies only to the specified domain, and not to all subdomains.

You can verify the record using dig:

dig +short TXT

See also my articles:
How to add DKIM record for iRedMail
Configuring SPF and DKIM records in cPanel
How to add DMARC record

Join the Conversation


Leave a Reply