How to use DKIM Print this Article
First, let me stress that you can most likely live without DKIM and save yourself the frustration of dealing with this. We use MailChannels for outbound email. DKIM provides extremely small benefit to inbox delivery reputation. It's only true benefit is to show that emails are actually from you and not spoofed, by using the signature. Now, raise your hand if you can think of a top mail provider that always rejects DKIM failures or a list of recipients that actually check if emails are signed. Crickets chirping? Exactly. The entire standard is pointless, it's only role required that people actually enforce the standard, and that ship has sailed.
If you do want to press forward, here is the tutorial. Don't rush this, you will miss a detail.
In the example below it is assumed you host example.com domain at MXRoute. Please change domain name accordingly.
After you completed order, in your welcome email from MXRoute, you are given their DNS servers addresses. In description below, it is assumed it's ocean.mxroute.com. Please use actual NS name taken from your welcome email.
It is assumed you host your domain (example.com) DNS records elsewhere and that you can add or update TXT records on the mentioned DNS hosting service.
Step 1. Enable DKIM in cPanel, the setting can be found in "Authentication" link under the Email tab.
Step 2. Get proper DKIM record from MXRoute. Open site:
And enter the following information in the field of lookup tool:
Host/IP address: default._domainkey.example.com
DNS server: ocean.mxroute.com
Query type: TXT
Don’t forget to replace example.com with your hosted domain name, and ocean.mxroute.com with your MXroute server's hostname.
Click">Query!". It will return twochunks of data looking like
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aRAKPIsvUuNEWW6dAaIB75 7i/9NLGBvuYq+G5BE2vaSArA6wbLs/Qjoi9aV/iwBNwCaMK71k4IwPLzKvqUYKcTpS1Bd HN7mkbr3HKAx7Jy/IdwEM4hKmAnQ+yZZz9ho/938sICmsfKaByHVOwbAnkKGLhDPJCKQh pXMpqBQn/eWNPS6+KzpM/yQaxJI0H8dW
5LyNcrK6jaD2MhgQwjjDDeAYJiofNo/QK9Qgrk6p9l/vD1nOd8QmjRqN2JY+gnNIDFmCJ c2FqNGGbLI7Oa+tDlpGNZdbDmJmHovNgVUjT+F5eu3wUd5PPPs70T+4wBvUA6Q6XQDA+Y 04mDXA+QiyQIDAQAB;
Open any text editor capable of handling long lines, and paste both chunks into it. Do not allow whitespace between chunks, make sure there's no whitespace on either sides, as well. The resulting long string is DKIM record you need to create.
Step 3. Open your service to edit DNS settings for your example.com domain and add record:
default._domainkey TXT <text>
Replace <text> with the DKIM record obtained at Step 1. Note, certain DNS services may require to add double quotes around; however, those quotes are not part of the record. Specify as little TTL value (usually in seconds) as allowed. Save the changes.
Step 4. Open site
You will see randomlooking email address and a button. Send test email message to the mentioned email address taken from site from MXRoute Webmail interface to, from any email from example.com domain. Wait for a while, to allow message to arrive and click button on the above site, to verify.
After your test message arrives, the site will display a lot of information about it in several text area fields. In the second text area, with DKIM information, closer to the end should be validation results. If there's string
result = pass
then you are done, DKIM is set up properly.
Note: Most probably the reason for DKIM setup failure can be:
- you didn’t use your actual domain name/correct name of MXRoute nameserver, from welcome message
- DKIM (TXT) DNS record default._domainkey for your domain hasn't yet been propagated (nameservers for the domain haven't yet added it)
- you have made mistake when setting DKIM field edit corresponding DNS record to verify there are no extra whitespace inside the line, or on either side of it
Was this answer helpful?
If you receive one of these errors, it most likely means one of two things:1. You are sending...
We are frequently asked if we can provide a CNAME record so that our clients can use their own...
The answer is most likely no. In a shared environment we receive multiple requests per day to...
No, these are global to protect our infrastructure. Many of our spam checks happen at connect...
While we may use cPanel as a front-end, we do not offer FTP access or regular web hosting features.