Add digital signatures with DKIM

Authenticate email with a domain key - turn on email signing

To begin signing mail messages with the domain key:

  1. Sign in to the Google Admin console

  2. In the new Admin console, click Google Apps > Gmail > Authenticate email. In the classic Admin console, click Advanced tools, scroll to the Authenticate email section, and click Set up email authentication (DKIM).
     
  3. Select the domain whose mail you want to sign with the domain key.

    The page indicates the status of the domain key for the selected domain.

  4. Click Start authentication.

    You can activate DKIM authentication only after updating the DNS records for the domain. Google Apps attempts to verify the existence of the DKIM domain key, and displays a warning message if it is unable to do so. You may need to wait for the DNS record updates to take effect.

  5. Send email to confirm that DKIM signing is active.

    Send an email to someone who is using Gmail or Google Apps and review the message in the recipient's inbox. Click on Show details and check that the 'signed by' line shows your domain name. (Unfortunately, you can't test by sending yourself a test message.)