Definition
DKIM
DomainKeys Identified Mail, an email authentication method that uses cryptographic signatures to verify that an email hasn't been altered in transit and was genuinely sent from your domain.
Why it matters in B2B outbound
DKIM is one of the three core email authentication protocols (alongside SPF and DMARC) that email service providers use to evaluate your sender legitimacy. Without DKIM, receiving servers have no way to verify that the message they received is the same one you sent — or that you sent it at all.
From a deliverability standpoint, missing or misconfigured DKIM is a significant risk factor. Gmail, Outlook, and other major providers give preferential treatment to authenticated senders. Unauthenticated email is more likely to land in spam or be rejected outright, especially for cold outreach where you have no prior engagement history with the recipient.
DKIM also protects your domain reputation from spoofing. If someone forges email from your domain and it bounces or generates spam complaints, those signals can damage your sender score even though you weren't responsible. DKIM makes forgery detectable.
How it works
Setting up DKIM involves generating a public/private key pair through your email service provider (Google Workspace, Microsoft 365, or your SMTP provider). The private key is used to sign outgoing messages. You then add a TXT record to your domain's DNS containing the public key. When a receiving server gets your email, it retrieves the public key from DNS and uses it to verify the signature. If the signature matches, the email passes DKIM authentication. Most email providers walk you through this setup — it takes about 15 minutes and DNS propagation of up to 48 hours.
Related terms
Need help with dkim?
Book a free 30-minute audit. We will show you exactly what to fix and how to fix it.
Book a free audit