DKIM Record Checker
DKIM signs outgoing emails. Receivers verify the signature using a public key in DNS.
DKIM lives on <selector>._domainkey.<domain>. If selector is empty, we try common ones.
Result for 1-stop.biz
Found
Selector: selector1
(TXT on selector1._domainkey.1-stop.biz)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk0pLyJ9xf0I4m506ZLgYuKZESphvoG29YfyZ8gmETvAg0OfvRDnWv5lJrLZpo4GBpndU2Xu/XjFfb5AgZpGn49l6jEWJWSqqGJQnjlGMTTFF7YEK3WLAVeVTSqVvneXRt6axVcDAx0RKOMwpgC3wjiepYReIz8rOMtWtwDkVhjo/jqqshjylTC773XnLgBrreZPKBLmrCIWwEafIvBOlGv0b1I1wPFuh/8TyaYLE3fB9OcNYW8Q+gAeMus8UrZtA34deNup6o8T3PWmxU6FebmIc+Dm4siglNUU55/P12GkPXnENR4ieaiI8vUxBFtLRRDU+0/7G5/0m/5bflraPQIDAQAB;
Selector: selector2
(TXT on selector2._domainkey.1-stop.biz)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoBJWYclZGJIhWx6K3De+/CLNymBmILjpv0xF7t9bfOMhCY0y48axkO71uFI4e1htCcW8/xYBMwg3bzF5LcHA04Vxybp597ewtyUIXN93GIk4S4CzNTP7dZtkqQzqZEn2TXcTsOgg7XYSUPkcjap6lNHxANzBqq+Wlzjdos3OvgeQJhiiV7uo3+yeggtGWYHY6VK+qKJ1ueeOIAnwCMbx7/jihYKg+9n8IxQH1J6xn0Xc4oTK/H+KAtNncazD9JkS88pyfWuL4CJ/OTMAZYUH6POT4SEQcN2zpH/YEmyGOEBTF9ZIpXhyQsLYISkL5vKKLprvAhkTkqx1olfM3hBYQIDAQAB;
Selector: mail
(TXT on mail._domainkey.1-stop.biz)
v=DKIM1;h=sha256;k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmJzjgwfVHQb5URiCYifK7VI8mVwz7Xw+5E70v9sMliEp+oUkT8AtEUqUJyc4Ckn+7GwHz+kZF109KzoUn0ynaQIkRbWzQOE+gsU5UqIRzygHOnw2IKGknRoTRmTH/UuHnz67mcDBbkWl/ZWg2/wJhw3W2Zgo3U6knoxP9gL77KwIDAQAB
FAQ
Why does DKIM require a selector?
Selectors allow rotating keys and running multiple keys per domain.
Where is DKIM published?
TXT on <selector>._domainkey.<domain>.
DKIM record exists but emails still fail DKIM?
Signing may be disabled or the selector used in email differs from DNS.
Do I need DKIM if I have SPF?
Yes, many providers use both for best deliverability and DMARC alignment.
Can I have multiple DKIM selectors?
Yes, that is common for key rotation or multiple senders.
What is DKIM?
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. DNS stores a public key that allows receivers to verify authenticity.
Example
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0B...
Common mistakes
- Wrong selector (the record exists but under a different selector).
- Key is split incorrectly across multiple TXT chunks (some DNS UIs break it).
- Publishing DKIM but not enabling signing on the mail provider.