DKIM Record Checker

Verify DomainKeys Identified Mail (DKIM) public key records for a domain using selector prefixes to validate cryptographic email signatures.

This interactive client-side tool is part of the NervLink Cybersecurity Suite. All analysis is verified entirely inside the local browser sandbox for maximum safety and data privacy compliance.

How It Works

  1. Provide a selector prefix and the target domain hostname.
  2. The tool queries the TXT record at selector._domainkey.domain.
  3. The DKIM version, public key value, hash algorithm options, and key type flags are inspected.

Primary Use Cases

Common Security Pitfalls

Frequently Asked Questions

What is a DKIM selector?
A selector is a unique string prefix assigned to specific email services or campaigns, allowing multiple different public keys to exist on the same domain.
What key size should I use for DKIM?
A 2048-bit RSA key is the modern standard. 1024-bit keys are discouraged as they are vulnerable to cryptographic cracking, and keys over 2048-bit might not fit in standard DNS TXT records.

References & Standards