DKIM is a security protocol for authenticating your emails and preventing them from getting tampered with before they get delivered. We recommend implementing DKIM in combination with DMARC even if you have SPF configured, for that added security benefit and to withstand forwarding scenarios.
To enable your Twilio SendGrid DKIM setup, there are a few prerequisites to get started:
Determine who your DNS hosting provider is
Gain access to your DNS management console or your hosting provider who can help you edit your DNS settings
Steps to Enable DKIM for SendGrid Domains
In order to enable DKIM for SendGrid, you can either take the automated approach or the manual approach. Let’s discuss both ways as explained in SendGrid's guide to domain authentication.
Automated SendGrid DKIM Setup
To enable DKIM for Twilio SendGrid automatically, go through the following steps:
Login to your SendGrid account
Go to Settings > Sender Authentication > Authenticate Your Domain by clicking on Get Started
Now choose your DNS Host (GoDaddy, Bluehost, Cloudflare) from the options and click on Next.
Enter the domain name you would like to authenticate and click Next.
You can click on Advanced Settings and keep Use Automated Security selected before proceeding.
SendGrid provides CNAME records to enable DKIM.
Publish these CNAME records in your DNS.
SendGrid will now manage DKIM and updates automatically.
Manual SendGrid DKIM Setup
For manual setup, you need to disable “Use Automated Security” in SendGrid. In this case you need to manually update your DNS whenever you change your domain.
For a detailed account, refer to our SendGrid email authentication guide.
Note that DKIM alone cannot protect you against phishing, spoofing, or impersonation attacks. A DMARC analyzer in combination with DKIM is a perfect solution for your email security problems. Sign up today for a free trial!