Google Workspace (G suite) - Enabling DKIM

It is always important to protect your domain from spoofing & phishing, and to help prevent messages from being marked as spam. We recommend you always setup a DKIM key for your domain. Follow the steps in this article to get your DomainKey Identified Mail (DKIM) key, add the key to your domain provider, and turn on DKIM authentication for your domain.

Prerequisites:

1. You must be signed in a Super Administrator.

1. Sign in to your Google Admin console. (Sign in using an administrator account)
2. In the Admin Console, go to Menu > Apps > Google Workspace > Gmail.
3. Click Authenticate email.
4. In the Selected domain menu, select the domain you want to set up DKIM.
5. Click the Generate New Record button.
6. In the Generate New Record box, select your DKIM key settings:

7. At the bottom of the Generate New Record Box, click Generate. On the setting page, the text string beneath TXT record value changes to a new value and the following message is displayed: DKIM authentication settings updated.
8. Copy the DKIM values shown in the Authenticate email window. You will be adding this record to your DNS.

Turning on DKIM signing

After you enter the TXT records Google provided in the steps above, we must turn on DKIM signing to finish the setup. Follow the steps below click on Start authentication.

1. Sign into your Google Admin console.
2. In the Admin console, go to Menu > Apps > Google Workspace > Gmail.
3. Click Authenticate email.
4. In the Selected domain menu, select the domain where you want to turn on DKIM.
5. Click the Start authentication button. When DKIM is complete setup, the status at the top of the page changes to: Authenticated email with DKIM.

6. You can then verify your message is passing DKIM by sending yourself a test message and analyzing the header of the message.