Currently, sendgrid.net is passing DMARC through DKIM alignment; however, when looking at the DNS records for the main domain, the DKIM record doesn’t exist. How can this pass DKIM alignment if the record doesn’t actually exist or how can I figure out where this record exists?
Sendgrid uses CNAME records to configure DKIM. They are per standard located at:
s1._domainkey.YourDomain.com
s2._domainkey.YourDomain.com
These CNAME records point to a host name at Sendgrid where they host the actual DKIM record for you.
It is however possible to use a custom selector as well, so you could have something else than s1 and s2.
1 Like
I understand the CNAME aspect of this. I didn’t create the CNAME records for it and they do not show up in our DNS records. Unsure of where DMARCIAN is pulling that record.
Hi Garrett and welcome to the forums!
The forums are not meant to be a dmarcian product channel as they are viewable publicly. Contact support@dmarcian.com so we may review specific examples of what you are speaking of specifically.
That being said, based on your forum account, I believe I did find your dmarcian account. I will not share any domain details here, but I did find emails sent from Sendgrid passing DMARC through both SPF and DKIM, and the records referenced are in fact published in your domain’s DNS.
Give our support team a shout via email, and we’ll be happy to discuss this further.
Sorry for not putting this in the right channel. Thanks for providing the information for support. I was able to email you all and hopefully we can figure this out. Thanks.
