Definition
DKIM Keys is a Setup page where administrators create and manage DomainKeys Identified Mail (DKIM) signing keys. DKIM adds a digital signature to outbound emails from Salesforce, verifying to recipients' email servers that the messages genuinely originated from the organization's domain and have not been tampered with in transit.
Real-World Example
The admin at Granite Financial creates a DKIM key for the granitefinancial.com domain and publishes the public key as a DNS TXT record. Once active, every email sent from Salesforce using that domain is cryptographically signed. This reduces the chance of emails being flagged as spam and improves deliverability to clients' inboxes.
Why DKIM Keys Matters
DKIM Keys is a Setup page in Salesforce where administrators create and manage DomainKeys Identified Mail signing keys for outbound emails. When configured, every email sent from Salesforce using the organization's domain receives a cryptographic digital signature embedded in the email headers. The recipient's email server can verify this signature against a public key published in the sender's DNS records, confirming that the email genuinely originated from the claimed domain and was not altered in transit. This authentication mechanism is a cornerstone of modern email deliverability strategy.
As organizations scale their email communications through Salesforce — sending thousands of transactional emails, marketing campaigns, and case notifications daily — email deliverability becomes a business-critical concern. Without DKIM signing, emails are more likely to be flagged as spam or rejected entirely by recipients' email servers, particularly those using strict authentication policies like DMARC. Financial services, healthcare, and other regulated industries face even higher stakes because undelivered emails can mean missed compliance notifications. Organizations that implement DKIM alongside SPF and DMARC create a robust email authentication framework that protects their domain reputation and ensures critical communications reach their intended recipients.
How Organizations Use DKIM Keys
- Granite Financial — Granite Financial's admin creates a 2048-bit DKIM key for granitefinancial.com and publishes the public key as a DNS TXT record. Within two weeks of activation, their email deliverability rate to major providers like Gmail and Outlook increases from 82% to 97%. Compliance-critical notifications about account changes now reliably reach clients' inboxes rather than being filtered into spam folders.
- Horizon Health Systems — Horizon Health Systems implements DKIM signing across all Salesforce-originated emails including appointment reminders, lab results notifications, and billing statements. Before DKIM, roughly 15% of patient communications were never opened because they landed in spam. After enabling DKIM and aligning it with their existing SPF and DMARC policies, the open rate for critical health notifications increased by 40%.
- NovaTech Solutions — NovaTech Solutions discovers through email analytics that their sales outreach emails have a 25% bounce rate. Their admin configures DKIM Keys in Salesforce and coordinates with the IT team to publish the DNS records. Combined with proper SPF alignment, their domain sender score improves from 65 to 92, and the sales team reports a significant increase in response rates from prospects.