DKIM
      Back to home
      1. Help Center
      2. FAQs
      3. DKIM

      How to split a DKIM record?

      DKIM keys come in different lengths, usually 1024, 2048, or 4096 bits. 1024-bit keys were common before, but they’re considered less secure now. While 4096-bit keys offer stronger security, they’re not often used because they take more computing power and time for the servers to resolve them.
      Currently, 2048-bit keys are recommended because they offer good security without overloading servers.
      Most DNS providers impose a limit of 255 characters per line, so if your key exceeds this limit, it will fail to fit in the TXT record as a single string.
      When dealing with 2048-bit DKIM keys, DNS limitations require splitting them which helps ensure that the entire key is readable by DNS resolvers for validation. Some DNS providers have the default feature of automatically splitting the DKIM public keys, however, many of them do not use this feature.
      Below are two simple ways to split a TXT-type DKIM key and make sure it is compatible with the DNS limitations.

      Manually Splitting the DKIM key


      Here is an example of a 2048-bit long DKIM public key:

      v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FJnvN6JDaqjzCazFGJLTZqO4t/JBcWd6OYXTK11kx3WnFERhAdW3LSPXUI9UVwUNdQEATF7eFn4OrbDahH+Ud/BuY+1YaQrqJkpkWfKk7cIwOXRU9wflatQNvkT+JrNrHVqS1L8RPUCRwW7MlpOhHcM+6wUE7FFNBmT6gsgT+ypwZmrp5nV5yEb4j4Nf3LlTSoz+NOnkh/SlB9vOXN0JXNw3IN2absAkfTZcQu96No47BJpqd3yo9NDAPOqklpwnsXVe/99jx2XIYi0eYmHn9Upbxjn5CIQ/2rQd3g5kpWDldkINQJ8ATdvXFxX08oxMALt8hTiQfq2YMZqrNKDtwIDAQAB

      All you need is to split the DKIM record into smaller parts using double quotes(“ ”), by also keeping in mind some crucial things that you should avoid.

      1. Each part should be inside double quotes (""), but there should be no extra spaces between the split parts. 

      1. DKIM keys are Base64-encoded, meaning they contain structured data. Splitting randomly could break the encoding. Avoid splitting the code between =, /, or + signs. 
      2. Don’t modify the key structure, keep the p= intact, and don’t alter it.
      3. Don’t Use Single Quotes (') Instead of Double Quotes (")

        So the when manually splitting the 2048-bit long DKIM key mentioned above, it can look like this:

        "v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FJnvN6JDaqjzCazFGJLTZqO4t/JBcWd6OYXTK11kx3WnFERhAdW3LSPXUI9UVwUNdQEATF7eFn4OrbDahH+Ud/BuY+1YaQrqJkpkWfKk7cIwOXRU9wflatQNvkT+JrNrHVqS1L8RPUCRwW7MlpOhHcM+6wUE7FFNBmT6gsgT+ypwZmrp5nV5yEb4j4Nf3LlTSoz+NOn" "kh/SlB9vOXN0JXNw3IN2absAkfTZcQu96No47BJpqd3yo9NDAPOqklpwnsXVe/99jx2XIYi0eYmHn9Upbxjn5CIQ/2rQd3g5kpWDldkINQJ8ATdvXFxX08oxMALt8hTiQfq2YMZqrNKDtwIDAQAB"


      Splitting DKIM key using special tools


      While splitting DKIM keys manually is simple enough, there are also some tools available that can take care of the process instead of you. All you need is to enter the DKIM key you want to split and the tool will do it.
      An example of such a tool is the DomNest DKIM record Splitter but many other tools with the same functionality are available online.


      If any further questions arise, feel free to contact EasyDMARC technical support.