Free DKIM checker · Instant · No signup
DKIM Checker
Look up your DKIM record and public key. Domain Doctor probes common selectors, validates the key, and checks its length so your signed mail is trusted.
VASTROX HOSTING · EMAIL · DNS · SSL
Want VASTROX to fix every issue above — for you?
Don't fix it alone. Our team configures your SPF, DKIM, DMARC, SSL, DNS and security headers correctly, then hosts you on fast NVMe infrastructure so your domain scores an A and stays there.
- Every failing check fixed and verified
- Hosting, business email, DNS & SSL under one roof
- Free migration from your current provider
What this checks
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to your outgoing email. Receivers fetch your public key from DNS and verify the signature — proving the message really came from you and was not tampered with in transit.
DKIM keys live at selector._domainkey.yourdomain.com, and the selector varies by provider. Domain Doctor probes the common selectors (default, google, selector1/2, k1, and many more), validates the v=DKIM1; p= record, and checks the key length — 1024-bit keys are weak; 2048-bit is recommended.
Common DKIM Checker errors
- DKIM not set up for your sending provider
- Using an uncommon selector we cannot auto-discover
- Revoked key (empty p= value)
- Weak 1024-bit key instead of 2048-bit
- Key split incorrectly across DNS TXT chunks
VASTROX EMAIL SECURITY
Sign your mail with strong DKIM keys
We generate 2048-bit DKIM keys, publish them for every sending service, and rotate them on schedule.
- 2048-bit DKIM keys for every sender
- Correct selector setup and DNS publishing
- Scheduled key rotation
Trusted by businesses for hosting, VPS, business email & game servers · Free migration · Real support
Frequently asked questions
What is a DKIM selector?
A selector names which key to use, so you can rotate keys. It forms the DNS name selector._domainkey.yourdomain.com. Your email provider tells you which selector to publish.
Why can’t the tool find my DKIM record?
DKIM only lives under the selector your provider uses. If you use a custom selector we do not probe, look it up in your provider’s settings and check that exact name.
What key length should DKIM use?
2048-bit RSA is the current recommendation. 1024-bit still works but is considered weak; Ed25519 keys are also valid.