Help Center

Adding a DKIM Signature

DomainKeys Identified Mail (DKIM) is an email authentication standard that allows you to sign email messages from your domain with a digital signature using public-key cryptography. By adding a DKIM signature to messages sent through the MailChannels Send API, you can prevent others from spoofing your domain, if used in combination with a sufficiently strong Domain-based Message Authentication, Reporting & Conformance (DMARC) policy.

To add a DKIM signature to a message, add the following fields to the personalization object for the message:

  • dkim_domain: This is the domain (d=) field for the DKIM signature. To pass DMARC, this should be aligned with the domain in the From header address.
  • dkim_selector: This is the selector (s=) field for the DKIM signature. It specifies where to find the associated public key in the DNS - see the DKIM specification for more details.
  • dkim_private_key: The base-64 encoded private key.

See below for a full example of sending a message from a Cloudflare Worker with a DKIM signature:

addEventListener("fetch", event => {

async function handleRequest(request) {

    let send_request = new Request("", {
        "method": "POST",
        "headers": {
            "content-type": "application/json",
        "body": JSON.stringify({
            "personalizations": [{ 
                "to": [ {"email": "",
                          "name": "Test Recipient"}],
                "dkim_domain": "",
                "dkim_selector": "mcdkim",
                "dkim_private_key": "<base64 encoded private key>"
            "from": {
                "email": "",
                "name": "Test Sender",

            "subject": "Test Subject",
            "content": [{
                "type": "text/plain",
                "value": "Test message content\n\n" + content,

    let respContent = "";
    // only send the mail on "POST", to avoid spiders, etc.

    if( request.method == "POST" ) {
        const resp = await fetch(send_request);
        const respText = await resp.text();

        respContent = resp.status + " " + resp.statusText + "\n\n" + respText;

    let htmlContent = "<html><head></head><body><pre>" +
        "</pre><p>Click to send message: <form method="post"><input type="submit" value="Send"/></form></p>" +
        "<pre>" + respContent + "</pre>" +

    return new Response(htmlContent, {
        headers: { "content-type": "text/html" },


Reference documentation is available at

Cloudflare has some documentation on creating a DKIM record here: There are various services that will help you create a DKIM key pair if you do not already have one. Here are a few:

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Please sign in to leave a comment.