DKIM Record Checker
DKIM signs outgoing emails. Receivers verify the signature using a public key in DNS.
DKIM lives on <selector>._domainkey.<domain>. If selector is empty, we try common ones.
Result for chron.com
Found
Selector: default
(TXT on default._domainkey.chron.com)
v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu1qNdlHRyihe+7Q09KZZ6rXdL6XljCPr907rWO/LwYLjdQhqtMAcheaCWucPdJN9EbZqZyrMIwy0rDwnV9yJ/92j+Y6gkn2JBJjn5191H0vdFzG1QUzVUgI8R4TIQVV+q8mS21ppR7B+REltyiY3WDCWEmxkBTyxmwmlcvuDquQIDAQAB
Selector: selector1
(TXT on selector1._domainkey.chron.com)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTuTzCTnHkU8r08sjfJK07o3wwx1snjWZ3ZOo4GtJXKA34BNu6L1i5Pxsxe6xxlpvniHc7XccpqleQM+HFe1ohwPkyt1kILf5g8kB8GmCLWsdh09K6X98mC58iPGvE0raq/F/9F8gnm44qnRzA+JesxBo9nxbg7epau0UdWS/e3PygN6E1n4FJ3iY3kZ+jOyQU05q2FLbDReOS9SNoyqC08lD8HMUzace/oTx3gLgyov0cXteujCa/f//De9TRpAVIpkaUjwvsBk5+wHfxeEouXq8cZaR5hUkM/+WOgDUBAsQG5NhUvpxew5qyYDyEhRSEY8fqtufNWwbO4Qn4RAfQIDAQAB;
Selector: google
(TXT on google._domainkey.chron.com)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz/5x+0qHhEL8SjnkvXm/31I/1wMuFlWY2+zrWo9RabLWwE7MSalDvOZA0Ux9jre72gner7D52dg/38OKvgA5ZZc0fXmxW8NP/lBpXN27dBCnmOfztiDccC67k96vQ9RBahHUAGw320d9kZx9OsQBSMOMopGMn/nMTygeHWak6698Po3wboATsSauyowCHYCz8hyXalkSHk04tfm+5OlBHkKeVJPvrHt0lq3J7Q5OHMKv8MQGz5t86OaeAVUMFwxEC+OukdY1PMtYEuHlUReeIEGzbr2IiFU+9HixclrjiJhKrBhszrq+gWvVt5AEICVOQFKDgAxi21P4Tn/0U+UBQIDAQAB
FAQ
Why does DKIM require a selector?
Selectors allow rotating keys and running multiple keys per domain.
Where is DKIM published?
TXT on <selector>._domainkey.<domain>.
DKIM record exists but emails still fail DKIM?
Signing may be disabled or the selector used in email differs from DNS.
Do I need DKIM if I have SPF?
Yes, many providers use both for best deliverability and DMARC alignment.
Can I have multiple DKIM selectors?
Yes, that is common for key rotation or multiple senders.
What is DKIM?
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. DNS stores a public key that allows receivers to verify authenticity.
Example
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0B...
Common mistakes
- Wrong selector (the record exists but under a different selector).
- Key is split incorrectly across multiple TXT chunks (some DNS UIs break it).
- Publishing DKIM but not enabling signing on the mail provider.