MailSlurp logo

Free DKIM checker

Free DKIM checker and DKIM lookup tool

Run a free DKIM checker to validate email-signing selector records for any domain. Use this DKIM lookup tool to resolve the selector name, inspect the live TXT value, review algorithm and key length, and catch record issues before sender changes break alignment.

Run a free DKIM lookup

Check the live DKIM selector for a domain

Enter the domain and, if known, the selector name. If you leave selector empty, the tool tries common selector hostnames and shows what it checked.

Public DKIM checks are one-shot only. Use the product workflow for recurring auth validation.

Use case

Use this before signing or domain changes

This page is strongest when a team is rotating selectors, onboarding a provider, or trying to understand which DNS record is responsible for current DKIM behavior.

  • Validate selector records before enablement
  • Check key posture during migrations and rotations
  • Reduce guesswork when inherited sender setup is unclear

Upgrade path

Pair DKIM lookups with broader auth checks

A healthy selector matters more when it is reviewed together with SPF, DMARC, and real message outcomes instead of in isolation.

  • Monitor sender auth as a combined stack
  • Review auth drift after provider or DNS changes
  • Use message headers as runtime proof
Open auth monitoring

Key details

Primary use

DKIM lookup

Resolve the selector record for a domain before and after sender changes.

Signal

Selector health

Confirm the selector name, TXT value, algorithm, and key length look production-ready.

Fallback

Common probes

Search common selector names when the active DKIM selector is unknown.

Next step

Header proof

Use real message headers to confirm the selector you found is the one currently signing mail.

What this checks

A useful DKIM checker should answer selector and signing questions quickly

The goal is not only to locate a TXT record. It is to show whether the queried selector looks valid, what record name was used, and whether the key posture deserves deeper review.

Selector

Name resolution

Check the intended selector directly or let the tool try common selector names when you are not sure.

Record

Live TXT

Inspect the visible DKIM TXT value that receivers will use to validate signatures.

Key

Length and algorithm

Review the cryptographic posture that the selector appears to expose in DNS.

Coverage

Checked names

See which selector hostnames were probed during lookup when the active one is unclear.

Operational use

Use DKIM checks as a pre-send or post-change auth checkpoint

Searchers typically need a DKIM checker because a provider changed, a selector rotated, or a message stopped aligning. Treat the lookup as part of change review and incident triage.

Selector rotation

Validate the new selector before switching traffic so the signing path is ready when senders roll forward.

Provider migration

Use the DKIM lookup after cutover to confirm the new provider is using the selector you expect.

Incident review

Pair selector results with header analysis when messages lose alignment or suddenly show dkim=fail.

Related tools

SPF checker

Review SPF alongside DKIM so sender authorization and signing stay aligned.

Open tool

DMARC checker

Validate DMARC policy when DKIM alignment is part of a larger auth posture review.

Open tool

Email header analyzer

Inspect real Authentication-Results headers to confirm which selector is currently signing mail.

Open tool

Domain monitor

Use domain health checks alongside selector lookups before launch or migration windows.

Open tool

FAQ

What does this DKIM checker validate?

This DKIM checker and DKIM lookup tool resolves selector records, shows the queried DNS name, returns the live TXT value when found, and highlights warnings around selector choice, key length, or record validity.

Can I run a DKIM lookup without a selector?

Yes. If you do not provide a selector, the tool checks common selector names and shows the names it tried. That is useful when you inherit a sender domain and do not yet know the active selector.

Why does key length matter in DKIM?

Key length affects signing strength and trust posture. Teams usually want to know whether the selector is using an expected modern key size before relying on it in production.

How should I use the result?

Use the lookup result with SPF and DMARC checks, then confirm real messages show the expected selector and a passing DKIM verdict in Authentication-Results.