DKIM Record Checker
DKIM signs outgoing emails. Receivers verify the signature using a public key in DNS.
DKIM lives on <selector>._domainkey.<domain>. If selector is empty, we try common ones.
Result for es-trade.biz
Found
Selector: selector1
(TXT on selector1._domainkey.es-trade.biz)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCpEELQYmstrI9DvGv7NZSpX8EaU27sTjmJG/tQl643AwgxiR/7KJlMvlUpfTvHEEv/dxBLM7MArkoBcCJRlnJVjaLTNCVGoDa155UIyejx5UvKjMdSw52CsGOeRI33DhkJJ6Faq9aMRiDhf1rXH+WO3CKwHqYcXW17YNIrVYwVLRz0YSS2KVNSzD6TfeGuOlMPH7JPQ1MGurFPMkPjVoJHEZLdS65E0XrdgyRm2Stbh1nQRg1SB7rA1I+TncAQSwpZliqN+GE+XyEmyYIENxEv8dCj8og14d36WudfwcQqW3XDCO0p090N+TgFHH+D1a01CT3tFEyPlNQgCuZEX4QIDAQAB;
Selector: selector2
(TXT on selector2._domainkey.es-trade.biz)
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lTLE5Hcl22n79r2AXI2V7nTJ0l9HMLc0e+jE3xCia7IdrlMEElK2gTP2nj8yST1+QAGekYnJkbITfWa/tPJePZuzichFjBbC/THqbT+yqZHz8PUVOfDkEHJ0clvfWjSiFeyE5yiey3h5S4CaQodGLmiOXrTJTorZz+hBwLbmTMPU9ehlS1WTlB/pfFQlX/ak2zKQ4S1zJLg9UmCwNVBbNkHL3aDEcsVoK1VfYRkXSUg02hi9GS6PBaM5vThyXH2a1609Qu6NdezavJQwSGirmceB5NmtcUyYn/GsFozeILgSjLJVuU/pAi66Lqb38saHpwForMYHq9K4kj7tH3rqQIDAQAB;
Selector: mail
(TXT on mail._domainkey.es-trade.biz)
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5A+ij96cHkRv92GFe4GKGn6pj2Rhhyh2zxBE5bsjNS1NnqDdoU96KXAi7NIiV33AcdXoRMn8+w3QwFptq5c2WXPQuvsbIKEkOBlHpmrd5Fb7cG3t64GnpD0rkXvIVZBiiV7O3pTKjfXU7yThF6RV+MHWaeVqg0EpFmUSNKh/HhwIDAQAB
FAQ
Why does DKIM require a selector?
Selectors allow rotating keys and running multiple keys per domain.
Where is DKIM published?
TXT on <selector>._domainkey.<domain>.
DKIM record exists but emails still fail DKIM?
Signing may be disabled or the selector used in email differs from DNS.
Do I need DKIM if I have SPF?
Yes, many providers use both for best deliverability and DMARC alignment.
Can I have multiple DKIM selectors?
Yes, that is common for key rotation or multiple senders.
What is DKIM?
DKIM (DomainKeys Identified Mail) adds a cryptographic signature to outgoing emails. DNS stores a public key that allows receivers to verify authenticity.
Example
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0B...
Common mistakes
- Wrong selector (the record exists but under a different selector).
- Key is split incorrectly across multiple TXT chunks (some DNS UIs break it).
- Publishing DKIM but not enabling signing on the mail provider.