EasyDMARC doesn’t automatically detect DKIM records due to the nature of DKIM record configuration and DNS privacy limitations. Unlike SPF records, which list allowed IP addresses directly in the DNS, DKIM records are created individually by each mail server and stored as public keys associated with specific selectors. These selectors, often customized by each sending source, make it challenging for automated systems to locate the correct DKIM records without prior knowledge of the exact selector name.
Of course, there are multiple sending sources that have a predefined DKIM selector name (e.g. “Google” for Google Workspace, “selector1/selector2” for Microsoft 365/ Outlook), which can be detected and shown upon DKIM lookup.
In practice, EasyDMARC relies on users to manually provide these DKIM selectors or keys. The validity of the selector can be checked through the DKIM lookup tool by specifying the domain and selector name:
The DKIM results vastly rely on the DMARC reports received from the rua/ruf addresses we provide. Upon receiving the reports with the appropriate DKIM selector name you may find its data presented in the DKIM lookup section.
EasyDMARC’s reliance on manual input for DKIM records stems from the unique and often customizable nature of DKIM selectors across different email services. While some common providers use predefined selectors that can be detected, many other systems generate individual selectors that require user intervention. As such, EasyDMARC empowers users to input these selectors, enabling accurate DKIM verification and enhancing the accuracy of DMARC reports. By using the DKIM lookup tool and relying on DMARC reports, users can ensure that their DKIM setup is correct, ultimately strengthening email authentication and security.