DKIM signature

With a DKIM signature, an email recipient can verify that the message really came from the alleged sender.

You can configure the DKIM signature for email sent from your domain: just create a TXT record for your domain with a public signature key. To sign messages that you send through non-Yandex servers, you will also need a TXT record with a private key. You should configure it on the outgoing mail server.

If you delegated your domain to Yandex servers, the DKIM signature with a public key is configured automatically.

  1. General instructions for configuring the DKIM signature

General instructions for configuring the DKIM signature

  1. Get a TXT record with a public key in the Mail settings:

    1. Open the Mail administration page.

    2. Go to the DKIM signature tab.

    3. Select the domain to configure the DKIM signature for and click Copy.

      If the domain you need is not in the list, make sure it is connected and verified.

  2. Log in to your DNS hosting company's control panel.

    If you delegated your domain to Yandex servers, go to the Yandex.Connect DNS Editor.

  3. Create a TXT record with the following field values:

    • Name — mail._domainkey. In some DNS control panels, you also need to specify the domain for the public DKIM key, such as mail._domainkey.yourdomain.tld.

    • Value — The block of text from Public key that you copied in the Yandex.Connect settings.

      For example, v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSEBtaCOteH4EBqJlKpe...

  4. Wait for the changes to take effect in the DNS. It may take DNS servers up to 72 hours to exchange the updated DNS records.