How to set up Salesforce DKIM
- Click on Setup, then type “DKIM Keys”
- Click on Create New Key
- Select the RSA key size
- Enter unique names
- Enter your domain name and domain match pattern
- Click Save
- Publish both the CNAME and alternate CNAME records to your domain’s DNS
- Click Activate
Whether you’re sending weekly marketing newsletters or important company updates, nobody wants their emails to end up in spam folders. With increasing threats from spam, phishing, and spoofing attacks, tools like DomainKeys Identified Mail (DKIM) help authenticate and validate emails sent from your domain.
For businesses using Salesforce as their customer relationship management (CRM) platform, setting up Salesforce DKIM ensures that critical emails sent from your Salesforce account reliably reach recipient inboxes without getting blocked or marked as spam.
Read on to learn more about what Salesforce DKIM does, how to set it up, and why you should use Jotform to level up your emails.
What Salesforce DKIM does
DKIM is an email authentication system that uses cryptographic authentication to prove a message comes from a valid source. In other words, DKIM functions like a digital signature for emails that validates the sender’s identity and verifies the email truly came from them rather than another entity spoofing them.
Here’s how it works:
- The email sender signs the email header and body with a private key, creating a digital signature unique to the sender’s domain.
- When the receiving email server gets the message, it uses the sender’s public key to decode the signature. If it decodes correctly, the receiver knows the email is authentic and came from the supposed sender.
Salesforce DKIM specifically signs emails as sent from your Salesforce Marketing Cloud account.
How using Salesforce DKIM can benefit your business
Any business that relies on Salesforce for customer communications should consider enabling Salesforce DKIM. Authenticating your email directly within your CRM platform means you can
- Easily set up DKIM within your Salesforce admin dashboard with no need for external DNS support
- Manage DKIM keys natively in your Salesforce environment
- Unlock deliverability protection for your important Salesforce marketing and transactional emails
Ultimately, these benefits prevent critical marketing and sales communications from ending up blocked or in spam folders.
How to set up Salesforce DKIM
Setting up your Salesforce DKIM takes just a few simple steps:
- Click on Setup, then type “DKIM Keys” in the Quick Find box. Select DKIM Keys.
- Click on Create New Key.
- Select the RSA key size. Note that longer key lengths are more secure but can impact performance —when determining your key size, consider factors like security needs, encryption strength, processing overhead, and estimated email volumes.
- In the Selector and Alternate Selector fields, enter unique names.
- Enter your domain name and domain match pattern.
- Click Save. Salesforce will then publish your TXT records to DNS. When the DNS publication is completed, your CNAME and alternate CNAME records will appear on the DKIM Key Details page. (If you’re unfamiliar with how DNS works, there’s no need to worry about the specifics — just know Salesforce handles the technical details for you automatically.)
- Once the DNS publication has been completed, publish both the CNAME and alternate CNAME records to your domain’s DNS.
- Click Activate on the DKIM Key Details page.
Once you’ve activated Salesforce DKIM, emails sent from your account will include a DKIM signature header signed by your private key. Recipients can validate the signature with your public key to verify that the email comes from you.
After you’ve enabled DKIM, remember to review it regularly to ensure it remains valid. Keep these tips in mind:
- Check that your public key DNS records are correct and haven’t expired.
- Consider rotating your public/private keys annually for better security.
- If you change DNS providers or email domains, update your DKIM TXT records.
- Keep your private key secure and backed up externally.
How Jotform can help you integrate email delivery and authentication
Beyond DKIM, it’s essential to consider using SMTP when sending emails to customers and potential leads. Simple Mail Transfer Protocol, or SMTP, delivers email messages from your email server to the recipient’s email server. When you use your own SMTP server instead of a default server, you further boost your emails’ deliverability and reliability.
When you create forms with Jotform, for example, you can send emails from your own SMTP server and email address (rather than sending emails from Jotform itself). Because this increases the likelihood that your emails are successfully delivered rather than diverted to spam folders, it’s especially beneficial if you’re sending autoresponder emails to new leads who’ve filled out your forms and haven’t received any emails from you previously.
When you use Jotform in conjunction with Salesforce, you unlock the benefits of validated domain authentication and dependable deliverability for optimal email performance. By setting up Salesforce DKIM, you protect your emails from spoofing and other fraud, while Jotform’s SMTP feature ensures your email recipients instantly know who’s sending them emails.
Now that you’re familiar with how to get started with Salesforce DKIM, consider taking the time to set up SMTP for a form created with Jotform as well.
Photo by Mikhail Nilov
Thank you for helping improve the Jotform Blog. 🎉