In a recent blog, I explained why DomainKeys Identified Mail (DKIM) is important, how it works, and some of the challenges your business might experience during implementation. Now, we’re going to get a little more practical.
Let’s take a look at some of the tools we have on our free, publicly available Tools platform, like our DKIM checker.
Sendmarc Tools offers two primary ways to check your company’s public keys: Know Your Score and DKIM Lookup. But before we get into how to use the tools, it’s probably good to know how public keys work.
When an email signed with the private DKIM key is received, the recipient server verifies the signature using the matching public key, which is published in the Domain Name System (DNS).
But a company might have multiple senders using DKIM, so the question becomes: How does a recipient server know which public key to use?
The answer’s simple: Every public key has a unique selector that a server can use to identify the right key. The selector is included in the signature on each signed email, never with the private key itself, making identification easy.
Think of the selector (taken along with the domain) as an employee number. There might be many Johns in your company, but only one JHN001.
The first feature that I’d like to focus on is our Know Your Score tool, also known as a DKIM checker. This answers the question: Is DKIM in place somewhere for my domain?
Using the tool is incredibly simple – visit the tools page and enter your domain’s URL.
Clicking on View Detailed Report on the bottom left will reveal a breakdown of the ratings.
Under Impersonation Rating, you’ll find the DKIM rating. This will tell you if any common DKIM selectors are found, and if so, how many.
Clicking Analyze will tell you exactly which keys are found.
You might be asking how we’re able to find these keys if we don’t have that unique identifier, the selector.
Many senders use the same selector for all their clients. Since the uniqueness comes from the combination of the selector and the domain, each client can keep the same selector. So Sendmarc can maintain a library of these common DKIM selectors and, by combining each one with your domain name, find whether the corresponding keys are present on your domain.
It’s important to note that not all providers follow this approach. Some require their customers to choose their own selectors or generate the selectors based on the date the private key was generated. To find these keys, you’ll need a different tool.
The DKIM Lookup tool is the best way to check if a public key is published. To use this tool, you’ll need both the domain and the selector.
Simply enter this information, and if the key exists, you’ll see it published.
The tool will not only tell you if the key is published but also perform various technical checks on the key’s validity.
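To make the lookup concrete, here is an added example (not Sendmarc's code, and not a description of what its tool checks) that builds the DNS name for a selector and domain, then runs a few validity checks on the key record found there. The function names and the sample record are constructed for illustration, and fetching the TXT record from DNS is left out so the code runs offline.

```python
import base64

def dkim_query_name(selector, domain):
    """DNS name whose TXT record holds the public key for this selector and domain."""
    return f"{selector}._domainkey.{domain}".rstrip(".").lower()

def parse_tags(txt):
    """Split a DKIM key record into tag=value pairs (whitespace in values dropped)."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def _tlv(buf, pos, want):
    """Read one DER element at pos; return (value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if tag != want:
        raise ValueError("unexpected DER tag")
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return pos, pos + length

def rsa_bits(spki):
    """Modulus size in bits of a DER SubjectPublicKeyInfo holding an RSA key."""
    seq, _ = _tlv(spki, 0, 0x30)           # outer SEQUENCE
    _, alg_end = _tlv(spki, seq, 0x30)     # AlgorithmIdentifier
    bits, _ = _tlv(spki, alg_end, 0x03)    # BIT STRING wrapping the key
    key, _ = _tlv(spki, bits + 1, 0x30)    # skip unused-bits byte, RSAPublicKey
    start, end = _tlv(spki, key, 0x02)     # INTEGER modulus
    return int.from_bytes(spki[start:end], "big").bit_length()

def check_record(txt):
    """Return findings for one DKIM key record; an empty list means none."""
    tags, findings = parse_tags(txt), []
    if tags.get("v", "DKIM1") != "DKIM1":
        findings.append("v= is not DKIM1")
    if "y" in tags.get("t", "").split(":"):
        findings.append("t=y: domain is testing DKIM")
    if tags.get("k", "rsa") != "rsa":
        return findings + ["non-RSA key: size check skipped"]
    if not tags.get("p"):
        return findings + ["empty or missing p=: no usable key"]
    try:
        size = rsa_bits(base64.b64decode(tags["p"], validate=True))
    except (ValueError, IndexError):
        return findings + ["p= is not a base64 DER public key"]
    if size < 2048:
        findings.append(f"{size}-bit RSA key: 2048 is preferred")
    return findings

# Constructed sample, not a real key: 1024-bit SPKI framing around a placeholder modulus.
SAMPLE_SPKI = bytes.fromhex("30819f300d06092a864886f70d010101050003818d0030818902818100") + b"\xc3" * 128 + bytes.fromhex("0203010001")
SAMPLE_RECORD = "v=DKIM1; k=rsa; t=y; p=" + base64.b64encode(SAMPLE_SPKI).decode()
```

Calling `check_record(SAMPLE_RECORD)` reports both the testing flag and the 1024-bit key size; the TXT value for a real domain would come from a query for the name that `dkim_query_name` returns.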
These days, most senders will automatically generate private keys and use those to sign your business’s emails. This means that 90% of people never have to use this tool. For the remaining 10%, this tool simplifies their work.
At some point during the sender configuration (if the sender doesn’t take care of this), your organization will be asked to generate a private key.
To do this, simply enter your domain, your selector, and your key size*.
*The general rule of key size is that larger keys are better, so 2048 is better than 1024 – but your business’s DNS provider might not support keys this size. Sendmarc can resolve this for your company using DKIM management.
The tool will then provide a:
And that’s it! With our DKIM checker and other tools, protecting your organization’s emails from manipulation has never been easier. Interested in learning more about safeguarding your business from email-based threats? Book a demo with one of our experts.