DKIM Keys in Salesforce

Salesforce uses DKIM keys to sign outbound emails that your organization sends from the Salesforce platform.

Use the DKIM (DomainKeys Identified Mail) key feature to let Salesforce sign outbound email sent on your company’s behalf. These signatures give recipients confidence that the email was handled in a way that’s consistent with your company.

To ensure your email message from Salesforce do not end up unread in the recipient’s spam folder,you can  easily implement DomainKeys Identified Mail (DKIM).Use the DKIM (DomainKeys Identified Mail) key feature to enable Salesforce to sign outbound emails sent on your organization’s behalf. A valid signature provides recipients confidence that the email was handled by a third party such as Salesforce in a way authorized by your organization.

Make sure you add the public key to your DNS record before you make your key active in Salesforce and start DKIM signing. DKIM signing is active whenever your DKIM key is in the active state.

To Create DKIK Keys, go to