What is DKIM and how to configure it?

Starting in February 2024, Gmail and Yahoo are rolling out new authentication requirements which require using a custom DKIM authenticated domain with DMARC reinforced.

GetResponse strongly advises all senders to use emails addresses from own sending domains as a from field, and to configure both DKIM and DMARC.

For additional details on these modifications, refer to our blog post:
Gmail and Yahoo’s Authentication Changes: All You Need to Know

Custom DKIM is not required to be able to send messages through GetResponse. You will still be able to send messages using a from field address on your domain, which will be sent with a GetResponse DKIM key and your sender email address will be displayed as “example@example.com via GetResponse-mail.com” in some email clients.

Configuring DKIM for your own domain can give you a significant boost in your email marketing communication as it lets you authenticate messages using your domain.

Firstly, it will hide any references to GetResponse in the messages you send, which are otherwise always visible for Gmail and all Microsoft tools (Outlook.com and Microsoft Outlook) and the messages will now only display the from email address.

Secondly, you will build your own deliverability reputation for this domain, allowing you to boost even further your deliverability rates.

Thirdly, if you would like to or are already using DMARC, this needs to be implemented before you start sending messages through GetResponse.

Before you begin

To be able to add your own DKIM key, you will need:

  • Your own domain
  • Access to the DNS administration panel
  • A DKIM key provided by GetResponse

How to generate a DKIM key

To generate a DKIM key in GetResponse you need to:

  1. In the GetResponse Dashboard, click Profile >> Emails and Domains.
  2. Go to Email addresses tab and Update DNS record next to the domain name you would like to generate the DKIM key for.



  3. In the pop-up window select Authenticate your domain with DKIM.



  4. Copy the DKIM identifier and DKIM key from the pop-up window:

    Image showing the pop-up window

How to generate 2048-bit DKIM key

The 2048-bit DKIM key is twice as long as the standard key and provides stronger encryption. It protects your email from a wide range of cryptographic attacks for years to come.

To generate 2048-bit DKIM key you need to:

  1. Repeat steps 1-3 from the previous section
  2. Move the slider beside Generate a 2048-bit DKIM key for stronger protection.

    2048-bit DKIM key

  3. Click the Confirm button in the confirmation pop-up. Note that this will invalidate your current DKIM key and its identifier.

    2048-bit DKIM key

  4. Copy the DKIM identifier and DKIM key.

How to add a DKIM record for my domain

The process may differ depending on where your domain is hosted.

To add a DKIM record to your domain, you need to:

  1. Log in to your domain hosting control panel.
  2. In the domain settings section, look for the DNS settings.
  3. Add a TXT record with appropriate values (name, value, TTL).
  4. Save the changes.

Depending on your domain host it can take up to 24 hours for the changes to propagate. We recommend sending a newsletter to yourself to test if the DKIM key has propagated correctly.

How to add a DKIM record in specific providers

You can check the official instructions made by other platforms (and some by us) on how to add DKIM records here:

123-RegHover
Amazon Route 53 (AWS)Hostgator
ArsysHostinger
BluehostInmotion Hosting
CloudflareIONOS
Crazy DomainsIWantMyName
Domain.comName.com
Digital OceanNamecheap
DNSimpleNameSilo
DreamHostNetlify
DynadotOne.com
EnomOVH
GandiPorkbun
GoDaddyRegister.com
Google Domains

Common issues when adding a DKIM key

The DKIM record does not work

This is caused by a selector mismatch. Please make sure the name input in your configuration does not miss the last sign of the correct selector (e.g. using “4e4a47e” instead of the correct “4e4a47eb”).

Some hosting providers require host field with dot, some witout dot, some with or without the domain. Please make sure to always verifiy domain name after saving it. In case of doubts contact your domain provider.

After adding DKIM messages go to SPAM or are rejected

Implementing DMARC without SPF and DKIM working properly will result in messages landing in spam and / or being rejected. Please test the domain with https://mxtoolbox.com/dmarc.aspx.
In such case, if there are mistakes in SPF and DKIM configuration, records need to be removed and added again. DKIM must be configured properly before DMARC is configured, while SPF is optional.

Only a part of the DKIM record is published

This is caused by the hosting provider allowing only up to 128 characters in a key. Please contact your hosting provider or domain administrator for assistance in adding the key.

Subdomain address is doubled

In some hosting panels the first column should only include the subdomain. In this case the correct configuration of this column would be formatted as “4a4b4c._domainkey” for example. On DNS servers of this type, adding“4a4b4c._domainkey.testgetresponse.com” results in the record being added to a duplicated domain like “4a4b4c._domainkey.testgetresponse.com.testgetresponse.com” for example.

DKIM working intermittently

Please make sure that you don’t have more than one DNS server for your domain. It is possible that one of your DNS servers may not be configured correctly. Please check all DNS servers to ensure that they are all configured with the correct DKIM and SPF settings.

For more information on email authentication, please see our blog post.

Related articles

Popular resources