When it comes to cold email marketing, we don’t want to leave any stone unturned to ensure that our emails land directly in users inbox folder, not spam, not promotions, but directly in inbox.
What is DKIM?
DKIM, also known as Domain Keys Identified Email is one of many technical specifications that are used by SPAM filters across the world to understand the legitimacy behind a given email sender.
Under the hood, when DKIM is setup correctly, all emails originating from the server are “digitally signed” using the TXT record. When an email server receives a message, the server will peek inside your email header, look up the signature, validate it with TXT record that serves as reference point, and only when signatures match, allow it to pass through its filters.
Let us walk through an example of an actual email sent using GMAIL.
- An email is sent to [email protected] from another account, lets say [email protected], typical DKIM header on recipient side will look like this
|‘PASS’ with domain webfast-co.20150623.gappssmtp.com Learn more|
The “PASS” indicates the email sent is a legit one and not being spoofed. aka the email is actually being sent by [email protected] and not some “random” email address that is faking identity.
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=to:subject:message-id:date:from:mime-version:dkim-signature; bh=5D3BlnoAG4LhflWG1iWPdCsmWtlSuJYkcyDCGpkw0lA=; b=aANrQh+H6FhAFt+PhRBYFzxYT00fvjpKVJH53zYbLSa3XSX1WAtWV02GHdCS4zuGXj 5kBuki9TdHl2rDkgEG0s2YsESykj70dAl3yMtrDKTGAVFM5py4/j9kCQ7z8aDlfkzaob ktUMhwNXDml8ArOnXznkKJgFCu/MFj9OX0Ps4CQDb1S5pw//NpyurbR/RUMaYckQgxpH Cn2FZ+zopz5wd1UkDLjrrM1uDySVjco26s7mKt9KBKEUQkLhJPo3nViEtiGBQ3tZJvAu HLTsl8NWKbox1ZwHF4+7RIfFmLJxurTlKPmiqF/o5gNimobxCxfqR/N3ZT29kISo3wfm 8zrQ==
Signature verification for DKIM indicates two things:
The TXT record containing the DKIM entry is a valid / legit entry:
k=rsa; t=s; p=MIGfMA3DQEBAQUAA4GNADCBiQKBgQDGMjj8MVaESl30KSPYdLaEreSYzvOVh15u9YKAmTLgk1ecr4BCRq3Vkg3YOr3XIczzU8gkK5Kh42P4C3DgNiBvlNNk2BlA5ITN/EvVAn/ImjoGq5IrcO+hAj2iSAozYTEpJAKe0NTrj49CIkj5JI6ibyJwIDAQAB
The email sent via [email protected] has used the corresponding TXT record to sign the message. Given how email signature works, all emails are signed by a central authority / DNS system which is a singular entity recognized and respected by all SMTP servers. The use of TXT records ensures that all emails originating from this specific email send setup are accurate.
Quite a mouthful, isn’t it? And shouldn’t email sending be lot easier?
With MagicEmails, there is no need to setup DKIM or any technical setting that needs a PhD.
Just need to install our Chrome Extension and you can start sending emails that go directly in users inbox within 5 minutes. Request early access by clicking here or visiting our homepage at
and we will add you to the invite list right away.