How to Add DKIM Authentication for Improved Email Security

Melody Jaimon • May 25, 2022

Email is one of the most important tools for communication in business, but it can also be one of the most not secure. This blog post will show you how to add DKIM authentication to your email to improve email security. DKIM authentication adds an extra layer of protection to your email and makes it less likely that your emails will be intercepted or blocked by spam filters.



What is DKIM authentication?

Before setting up DKIM authentication, it is important to understand how it works. DKIM stands for DomainKeys Identified Mail. It is an email validation system that uses cryptographic signatures to authenticate emails. When an email is sent, the DKIM signature is added to the header of the email. The receiving server can then use the public key in the signature to verify that the claimed sender indeed sent the email and that it has not been tampered with.


Setting up DKIM authentication usually requires access to your DNS records. If you are not comfortable making changes to your DNS records, you may want to contact your hosting provider or IT department for assistance. Once you have access to your DNS records, you will need to generate a DKIM key and add it to your DNS.



How DKIM Helps Prevent Spoofing and Spam

Below are some ways DKIM helps prevent email spoofing and spam:



Prevents Spoofing

DKIM is an email authentication standard that adds a digital signature to outgoing messages. Receiving mail servers that receive DKIM-signed messages can verify that the messages came from the sender and not someone impersonating the sender. DKIM also ensures that message contents are not changed after being sent.


When receiving servers can confirm that messages are from you, they are less likely to be marked as spam.


DKIM authentication increases the likelihood that legitimate messages will reach recipients' inboxes. Receiving servers can confirm that messages are genuine and not forged.



Deliver Messages to Recipients’ Inboxes

DKIM assists receiving email servers in verifying that messages are indeed from the organisation specified in the email. Servers are less likely to mark messages as spam when they can verify that they are from your organisation. Because the receiving server can validate that the message came from your domain and is not forged, this helps ensure that messages are delivered to recipients' inboxes.



Setting Up DKIM authentication for your Domain

Turning on DKIM will protect your domain from email spoofing & phishing, help prevent messages from being marked as spam, and help improve your deliverability. Here are the steps you need to take to set up DKIM for your domain:



Step 1: Get the DKIM key in your Admin console



Important: After you've enabled Gmail for your company, you have to wait 24-72 hours before you can retrieve your DKIM key in the Admin console. If you try to create a key before the waiting period is up, you may receive this error: DKIM authentication settings update failed.


1. Log in to your Google Admin console.

2. Use an administrator account to log in, not your regular email.

3. From the Admin console Home page, choose Apps > Google Workspace > Gmail.


Apps, Google Workspace, and Gmail


4. In the Selected domain menu, select the domain where you want to turn on DKIM.

5. Click Authenticate email.



authenticating your email on Google Admin


6. Click the Generate New Record button.

    a. If your domain provider supports 2048-bit keys, choose this option. Longer passwords are more secure than shorter passwords.

    b. If you previously used a 1024-bit key, you can change to a 2049-bit key if your domain supplier allows it.

7. To generate a new record, select Generate at the bottom of the Generate new record. The text string beneath TXT record value moves to a new value.

8. Copy the DKIM values from the Authenticate email window.


your DKIM name and value


Step 2: Add your domain's TXT record name and DKIM key.

Sign in to your domain provider and add the DKIM information you got in Step 1. 


Remember these things:

  • Some domain providers have limits on how long a TXT record can be. 
  • DKIM can take up to 48 hours to start. After adding a DKIM key, DKIM authentication can take up to 48 hours to start working.
  • Multiple domains: If you are setting up DKIM for more than one domain, follow the steps below for each domain. For each domain, you must get a unique DKIM key from the Admin console.

Contact your domain provider if you need help with your domain's sign-in information, settings, or TXT records.

  1. Sign in to your domain provider's management console.
  2. Find the page where you can change your domain's DNS settings.
  3. Add a DKIM TXT record:
  • In the first field, type the DNS Host name (the name of the TXT record) that you see in the Admin console.
  • In the second field, type the TXT record value (DKIM key) that is shown in the Admin console.


DKIM key

4. Save your changes.


For the next step, go back to your Admin console.


Step 3: Turn on DKIM signing

Important: The message "You must update the DNS records for this domain" could stay on the Authenticate email page of your Google Admin console for up to 48 hours. You can ignore the message if you correctly added your DKIM key to your domain provider.


1. Go to your Google Admin console and sign in. Sign in with an administrator account, not your regular Gmail account.


2. On the Home page of the Admin console, click Apps, then Google Workspace, and then Gmail.


3. Click Authenticate email.


4. Choose the domain where you want to turn on DKIM from the Selected domain menu.


5. Click the "Start authentication" button. When DKIM is set up and working correctly, the status at the top of the page changes to "Authenticating email."



the start/stop authentication button


Step 4: Make sure DKIM authentication is turned on

1. Send an email to someone who uses Google Workspace or Gmail. (You can't send yourself a test message to make sure DKIM is on.)



2. Open the message in the inbox of the recipient and look for the whole message header.

Note that the steps to see the message header are different for each email client. To see the headers of a message in Gmail, click More next to Reply and then Show original.


3. Look for Authentication-Results in the header of the message. The headers of incoming messages are written in different ways by different services, but the DKIM results should say something like DKIM=pass or DKIM=OK.


Summing it Up

DKIM is a security measure that businesses can use to improve email deliverability and prevent spoofing and spam. By implementing DKIM, businesses can make it more difficult for attackers to send malicious emails to users. 


In addition, DKIM can help reduce the chances that legitimate emails will be marked as spam.  While DKIM is not a perfect solution, it is a valuable tool that all businesses should consider improving their email security. 


Do you need a quality website or eCommerce store for your business? Book a meeting with us so we can discuss your needs.

See How Our Agency Can Drive Massive Amounts of Traffic to Your Website

Website Design designed for your audience and to be found on Google Searches
SEO - unlock relevant and increased SEO traffic. 

Paid Media - effective paid strategies with a clear ROI.

Get Started

Love My Online Marketing has 10+ Years of working alongside businesses and helping them grow. Discuss your options for online success from website Design and Development through to Google Marketing.

Get in Touch

Do you want more traffic and business leads?

Love My Online Marketing is determined to make a business grow. Our only question is, will it be yours?

Let's Chat
A group of people are working on a project on a whiteboard.

Top Principles and Best Practices for Better User Experience (UX)

By Melody Jaimon July 22, 2025
Learn UX design principles, research methods, and UI best practices that shape intuitive, user-friendly websites. Read the full guide for actionable insights.
A group of people are looking at a computer screen in an office.

MVP vs Prototype: Which Services Do You Need First?

By Melody Jaimon July 15, 2025
MVP or prototype? Understand their unique roles and how to choose the right one for your startup's early-stage success. Read the full breakdown.
A computer is sitting on a desk with a website on the screen.

Is It Still Worth Having a Website in 2025?

By Melody Jaimon July 10, 2025
A website is still essential in 2025 for control, trust, and growth. Learn why your business needs one and how it gives you the edge. Read more.
A laptop computer is open to a screen that says traffic.

Best Website Traffic Checker: Analyse Your Site’s Performance for Free

By Melody Jaimon July 10, 2025
Use a free website traffic checker to track your site’s performance, compare competitors, and uncover SEO insights. Read more for top tools and expert tips.
A group of people are sitting at a table in front of a window.

The Smart Way to Launch a Start Up in Australia

By Melody Jaimon July 10, 2025
Starting a business in Australia? Learn how to register, plan, brand, and grow your startup with practical advice and insights. Read the full guide.
A woman is recording a video with a camera while wearing headphones.

How Video Production Agencies Are Shaping Modern Marketing Strategies

July 10, 2025
Video agencies bring brands to life with emotion, narrative, and motion. Learn how they're reshaping marketing for the digital age. Read more here.
A laptop with a red envelope with a padlock on it.

Essential Guide to Preventing Email Hacking and Securing Your Account

By Melody Jaimon July 9, 2025
Email hacking is a growing risk. Learn how accounts get hacked, spot the signs, and boost your cybersecurity. Read the full guide to stay protected.
Two flags are flying in front of a building

Why More Australian Websites Are Including an Acknowledgement of Country (And How to Do It Respectfully)

By Melody Jaimon July 2, 2025
More Australian websites now feature Acknowledgement of Country. Learn why it matters, how to write one respectfully, and where to include it on your site.
A person is holding a cell phone in front of a laptop using Gmail as part of a Google Workspace CRM

How To Use Google Workspace Like a CRM

By Melody Jaimon June 20, 2025
Looking for a simple CRM alternative? Learn how to use Google Workspace as a CRM system for your small business. Manage enquiries, share inboxes, assign tasks, and stay organised—without extra software.
a man touching an email icon with his index finger

What is a Google MX Record and How Do You Set It Up?

By Melody Jaimon June 20, 2025
Google MX records direct Google and other search engines to your mail server. Without these records, mail from your domain will often be sent to the spam folder. Read more about Google MX records, including how to set them up.