DKIM Key Checker

Use this tool to lookup and verify a DKIM TXT record and determine its public key length. You can read more about why I wrote this tool. Please let me know if you find a record that doesn’t parse properly and I’ll update my code.

Selectors enable a single domain to have multiple keys. Some domains, like Twitter and eBay, use “dkim”. Google Apps domains typically use “google”. Others simply use “default”. Enter yours here. (Note: Do not include “_domainkey”)

Base Domain Name. (e.g.

Keys less than 1024 bits are considered at risk

57 thoughts on “DKIM Key Checker”

  1. Pingback: Outbound Solution
  2. Hi, thanks for the tool. Just found out that many similar tools out there are unable to handle long keys…yours works perfectly.

  3. Great tool. If you could please add support for some of the newer TLDs, .properties in particular, that would be swell.

  4. Thanks for the tool! Just a remark:
    Base64 encoded data usually wrap lines after 64 chars. The public key your tool did reconstruct wrapped after 78.

  5. Great tool. Just entered a record DKIM record with more than 255 chars and lookup result looked rather funny. I was expecting BIND to concatenate the multiple parts into one! Checked here with success. Then find out that it is the application using this record which is suppose to concatenate the parts.

  6. Hmmm, worked that time, after I updated my DNS to remove the domain. I just put it back, we’ll see how your tool does tomorrow.

  7. Hi Dave

    Thank you so much for providing this tool. I was able to check my Key Strength which was 1024 and upgraded it to 2018 at Google Apps.

    This has helped me a lot to implement DMARC and see how Spammers are trying to use my domains for their hideous activities.


    1. It should be working, what selector/domain are you testing?

      Mine has a 2048 bit key, for an example:

      selector: google

Leave a Reply

Your email address will not be published. Required fields are marked *