Add digital signatures with DKIM

Authenticate email with a domain key - generate the key

To generate the domain key used to sign mail:

  1. Sign in to the Google Admin console
     
  2. In the new Admin console, click Google Apps > Gmail > Authenticate email. In the classic Admin console, click Advanced tools, scroll to the Authenticate email section, and click Set up email authentication (DKIM).
     
  3. Select the domain for which you want to generate a domain key.

    The name of your primary domain appears by default. To generate a domain key for a different domain, select it from the drop-down list.
     
  4. Click Generate new record.
     
  5. Optionally, update the text used as the DKIM selector prefix.

    The selector prefix is used to distinguish the domain key that Google Apps uses from any other domain keys you may have. In most cases, you'll select the default prefix "google". The only reason to change the prefix is if your domain already uses a DKIM domain key with the selector prefix "google".
     
  6. Click Generate.

    The text box displays the information you need in order to create the DNS record that recipients query in order to retrieve the public domain key. Please note, keys generated through the Admin console are 1024 bit in strength.
     

After you generate the domain key, update the DNS records for the domain.