Enhance security for outgoing email (DKIM)

Update DNS records

Skip this page if you purchased your domain from one of our domain host partners while signing up for G Suite. In that case, Google automatically adds the necessary DNS record when you turn on authentication (can take up to 48 hours).

Add the domain key to your domain's DNS records

  1. Sign in to the administrator console provided by your domain provider.
  2. Locate the page from which you can update the DNS records.

    Adding a domain key for a subdomain? If your domain host doesn't support updating DNS records for subdomains, add the record to the parent domain. See Update DNS records for a subdomain.

  3. Create a TXT record with the name and value from the Google Admin console.

    The information you need to create the TXT record appears in the text box on the Authenticate email page in the Google Admin console.

    Different domain registrars use different names for the fields associated with a TXT record. For example, GoDaddy has fields named TXT Name and TXT Value, while Name.com calls the same fields Record Host and Record Answer. Regardless of which provider you use, enter the text under DNS Host name (TXT record name) into the first field and the text under TXT record value into the second field.

    • If your domain host is EasyDNS, add a period and your domain name to the end of the DNS Host name (TXT record name) value. The value you enter should have the form google._domainkey.your_domain.com, where your_domain.com is the name of your domain.

    • If your domain provider supports the 2048-bit domain key length but limits the size of the TXT record value to 255 characters, you can't enter the DKIM key as a single entry in the DNS records. In this case, split the key into multiple quoted text strings and enter them together in the TXT record value field. For example, split the DKIM key into 2 parts as follows:

      "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraC3pqvqTkAfXhUn7Kn3JUNMwDkZ65ftwXH58anno/bElnTDAd/idk8kWpslrQIMsvVKAe+mvmBEnpXzJL+0LgTNVTQctUujyilWvcONRd/z37I34y6WUIbFn4ytkzkdoVmeTt32f5LxegfYP4P/w7QGN1mOcnE2Qd5SKIZv3Ia1p9d6uCaVGI8brE/7zM5c/"


    For detailed instructions about creating TXT records, including specific instructions for popular domain hosts, see Create a TXT record. See this article for limitations with some domain hosts.
  4. Save your changes.

Next: Turn on email signing

Was this article helpful?
How can we improve it?