
Manually Detect DKIM key


How to Detect Your DKIM Key and Assess Its Configuration & Security

DomainKeys Identified Mail (DKIM) is a vital email authentication protocol that helps prevent spoofing and phishing. Ensuring your DKIM key is properly configured and secure is essential to protecting your organization’s email reputation and preventing impersonation.

This article will guide you through detecting your DKIM key across common providers, including Microsoft 365 and Google Workspace, and using our solution to automatically analyze it for security risks.


Importance of DKIM Key Security

DKIM works by adding a cryptographic signature to your emails, allowing recipients to verify that the message was sent by an authorized source and has not been tampered with.

However, misconfigured or weak DKIM keys can expose your domain to spoofing attacks. Common issues include:

  • Using insecure key lengths (e.g., 1024-bit or below)
  • Expired or revoked keys
  • Keys that are not rotated regularly
  • DKIM not being enabled at all

Proper DKIM management helps ensure message authenticity and strengthens your domain’s reputation across the email ecosystem.


Detect the DKIM Key Used by Microsoft 365 (O365)

If you're using Microsoft 365, you can extract your DKIM key directly through the Microsoft 365 Defender and Exchange Admin Center dashboards. This allows you to verify whether DKIM is configured and inspect the public key published in DNS.

Step-by-Step Guide:

1. Sign in to the Microsoft 365 Defender portal

2. Extract the relevant DKIM key

  • Find the domain you want to track and select it.
  • You'll see the current DKIM status (Enabled/Disabled).
  • In the drawer, copy the DKIM key and share it with us at support@withrotate.com

Detect the DKIM Key Used by Google Workspace

Google Workspace signs messages with DKIM by default (if configured). Here’s how to verify the key:

Steps:

  1. Log in to the Google Admin console.

  2. Go to Apps > Google Workspace > Gmail > Authenticate Email.


  3. Share the DKIM key value with us at support@withrotate.com


Send an Email to Analyze DKIM Automatically

To simplify detection and analysis, our platform offers an automated DKIM extraction and security scanner.

How It Works:

  1. Send an email from your domain to: dkim-checks@rotate-mail.com
  2. Our system extracts the DKIM signature from the email headers.
  3. We fetch the corresponding public key from DNS.
  4. We analyze:
    • Key length
    • Signature validity
    • DNS record formatting
    • Expiry or rotation issues
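
The selector lookup and key-length check from the steps above can be reproduced offline. The following is an added example, not Rotate's code: the function names, the `example.com` / `selector1` sample values and the filler 1024-bit modulus are constructed for illustration, and the DNS query itself is left out, so the TXT record is passed in as a string.

```python
import base64

def parse_tags(value):
    """Split a DKIM tag=value list (signature header or TXT record) into a dict."""
    pairs = (part.split("=", 1) for part in value.split(";") if "=" in part)
    return {name.strip(): "".join(val.split()) for name, val in pairs}

def key_dns_name(dkim_signature):
    """DNS name of the TXT record holding the public key: <s>._domainkey.<d>."""
    return "{s}._domainkey.{d}".format(**parse_tags(dkim_signature))

def _tlv(buf, pos):
    """Return (content_start, content_end) of the DER element starting at pos."""
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return pos, pos + length

def rsa_modulus_bits(spki):
    """Bit length of the RSA modulus in a DER SubjectPublicKeyInfo."""
    start, _ = _tlv(spki, 0)                  # outer SEQUENCE
    _, alg_end = _tlv(spki, start)            # AlgorithmIdentifier, skipped
    bit_start, _ = _tlv(spki, alg_end)        # BIT STRING wrapping RSAPublicKey
    seq_start, _ = _tlv(spki, bit_start + 1)  # +1 skips the unused-bits byte
    n_start, n_end = _tlv(spki, seq_start)    # INTEGER modulus
    return int.from_bytes(spki[n_start:n_end], "big").bit_length()

def assess_record(txt, min_bits=2048):
    """Return findings for one DKIM TXT record (empty list means none)."""
    t = parse_tags(txt)
    if t.get("k", "rsa") != "rsa":
        return ["non-RSA key: length check not applicable"]
    if not t.get("p"):
        return ["empty p= tag: key revoked"]
    try:
        bits = rsa_modulus_bits(base64.b64decode(t["p"], validate=True))
    except (ValueError, IndexError):
        return ["p= is not valid base64/DER"]
    return [f"weak RSA key: {bits} bits"] if bits < min_bits else []

# Constructed samples: SPKI framing around a filler 1024-bit modulus (not a usable key).
_SPKI_1024 = bytes.fromhex("30819f300d06092a864886f70d010101050003818d0030818902818100" + "c3" * 128 + "0203010001")
SAMPLE_TXT = "v=DKIM1; k=rsa; p=" + base64.b64encode(_SPKI_1024).decode()
SAMPLE_SIG = "v=1; a=rsa-sha256; d=example.com; s=selector1; h=from:subject; bh=...; b=..."
print(key_dns_name(SAMPLE_SIG), assess_record(SAMPLE_TXT))
```

To check a live domain, query the TXT record at the name `key_dns_name` returns and pass the concatenated record text to `assess_record`.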

Summary

Maintaining strong DKIM key practices is essential to defend against spoofing and phishing. Whether using Microsoft 365, Google Workspace, or another provider:

  • Ensure your keys are 2048 bits or higher.
  • Rotate them periodically and monitor for misconfigurations.
  • Use automated tools—like our email-based scanner—for ongoing auditing.

By following these steps, you can significantly strengthen your domain’s email security posture.

Frequently Asked Questions

Add-On
What is the Email Add-On?

The Email Add-On is a tool designed for Gmail and Outlook that helps you identify and manage malicious emails, including spam, phishing attempts, and malware. It enhances your email security by reporting suspicious emails and managing your personal spam list.

Mail Rules
Why are mail rules a security risk?

Mail rules can be exploited to exfiltrate data, hide security alerts, or modify incoming messages. Attackers often use forwarding rules to silently send emails to external accounts or create rules that auto-delete security notifications, making it harder to detect compromises.

Posture
Why is email security important?

Email is a common attack vector for phishing, spoofing, and other cyber threats. Properly configured DMARC, DKIM, and SPF records help prevent unauthorized parties from sending emails on behalf of your domain, protecting your organization from email-based attacks.

Scanning & Detection
What actions can I take on a malicious email?

When a malicious email is detected, you can take the following actions:

  • Block the email to remove it from the user’s inbox.
  • Release the email after it’s been blocked, putting it back in the inbox.

Can I deactivate Rotate Mail Scanning on a specific mailbox?

Yes, you can exclude specific mailboxes from Rotate Mail Scanning. Configure this in the Configurations tab of the Email Hub: under Users, choose the users to exclude.

Email Hub
What does Email Threats mean?
  • Phishing: A type of cyberattack where attackers impersonate legitimate organizations via email or websites to steal sensitive information like passwords or credit card numbers.
  • Financial Fraud: Illegally obtaining money or assets through deceptive means, such as credit card fraud, investment scams, or identity theft.
  • BEC (Business Email Compromise): A type of cybercrime where attackers impersonate company executives or employees to trick others into transferring money or sensitive information, often through email.
  • Malware: Malicious software designed to harm, exploit, or otherwise compromise the data or functionality of a computer, network, or device. Examples include viruses, trojans, and ransomware.
  • Spam: Unsolicited and often irrelevant or inappropriate messages, typically sent in bulk, usually through email. Often used for advertising or spreading malicious content.
