Submit a ticket My Tickets
Login  Sign up

Hosted DKIM Feature Guide


This documentation describes the Hosted DKIM feature guide for the account/user. The document includes the steps for activation and using the feature.

To support the Hosted DKIM feature the following conditions should be considered:

  1. Your plan supports the Hosted DKIM feature

  2. Account is active 

  3. A domain is added to your account 

Note: You will need to add a DKIM NameServer (NS) record to your DNS zone to manage a domain’s DKIM keys within the PowerDMARC system.

Steps for the activation the Hosted DKIM feature:

  1. Go to the Hosted Services>Hosted DKIM

  2. Select your domain 

  3. Copy the Host name and value of the NS record and add it to your DNS

Note: DNS record type is NS (see the screenshot below)

  1. Once the record is added to your DNS go back to Hosted DKIM section and click the Validate Hosted DKIM button 

Note: To fully propagate the DNS records it can take up to 48 hours 

  1. Once the domain validated the pop-up with the record is valid sign is shown and you’ll be redirected to the add selectors page

Hosted DKIM - Domain selectors section

After validating the Hosted DKIM for your domain the Domain selectors section page becomes accessible to you.  

Steps for adding a new selector with TXT record type: 

  1. Click the Add New button  


  1. On the opened modal type the selector name (ex. google )

  2. Add or select already existing sending service (To add a new sender service click the Add Sender Service button, type your service name and save)

  3. Add comments if needed (optional)

  4. Select one of the options  TXT(the full DKIM record including tags), CNAME (CNAME value provided by 3rd party services), Public Key(the value of DKIM record coming after p). You can generate the DKIM record value on the PowerDMARC’s generator tools>DKIM record generator section or add a record provided by 3rd party services.

  5. Click the Add Record button

Your key is added!

Adding a new selector with CNAME record type using Mailchimp’s CNAMEs:

(The only difference between a CNAME record type DKIM key is the Record value)

The record value of a CNAME type DKIM key will point to a 3rd party server (Microsoft, Google, Mailchimp), which is the one that will respond with a TXT value for the key. 

Mailchimp provides two CNAME records with two selectors. 

Note: You need to copy and add to selector field in Hosted DKIM only the DKIM selector values k2 and k3 (see the screenshot above for selector values and screenshot below selector filed on the Hosted DKIM section)

The value of the Points to field should be pasted to the CNAME section while adding a selector on Hosted DKIM. (see the screenshot below)

Adding a new selector with PUBLIC KEY record type:

Note: You must add the value coming after p tag (see the screenshot below)

  1. Type your selector name

  2. Select or create sender service 

  3. Add comments if any (optional)

  4. Insert the the generated DKIM record value and click the Add Record 

Note: Check the “Only allow domain signing” box only if the TXT record value contains the tag ‘t=s’. This is available only for TXT record keys

PowerDMARC is the author of this solution article.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.