Double DKIM signing by ESPs offers advantages like accessing FBLs without customer coordination and improved sender reputation, often targeted at specific providers like Yahoo and Gmail. General DKIM practices ensure domain responsibility, authentication, and integrity, preventing spoofing, phishing, and tampering. It's important when a customer domain with DMARC enforcement is used. Some ESPs share control of SPF/DKIM with customers as a defensive strategy. Key considerations include proper DKIM configuration (DNS records), maintaining adequate DKIM key sizes (>=1024 bits), and aligning DKIM with SPF/DMARC.
9 marketer opinions
Double DKIM signing by ESPs involves signing emails with both the customer's domain and the ESP's domain. This practice allows access to FBLs (like Yahoo and Gmail) without customer coordination and can improve deliverability. DKIM, in general, enhances sender reputation, authenticates the sender, prevents phishing, and protects brand reputation by verifying email legitimacy and ensuring messages are authorized by the domain owner. Proper DKIM configuration involves generating a DKIM record and adding it to the domain's DNS settings. When a customer domain with DMARC enforcement is used, it must be DKIM signed.
Marketer view
Email marketer from Litmus explains that DKIM helps protect your brand's reputation by preventing unauthorized senders from using your domain to send fraudulent emails.
2 Sep 2024 - Litmus
Marketer view
Email marketer from StackOverflow explains that double DKIM signing is useful in some cases to show both the ESP's domain and the sender's domain are authenticating the message which can improve reputation.
7 Jun 2025 - StackOverflow
3 expert opinions
Double DKIM signing provides ESPs access to FBLs (Feedback Loops) without customer coordination. Some ESPs utilize SPF and DKIM setups with shared control as a defensive measure. Using DKIM key sizes smaller than 1024 bits can cause deliverability problems.
Expert view
Expert from Email Geeks explains double signing DKIM allows access to Yahoo (and other DKIM based FBLs) without coordinating with the customer.
9 Nov 2021 - Email Geeks
Expert view
Expert from Spam Resource explains some ESPs like using SPF and DKIM setup where one part is controlled by them and one part by the customer as a defensive measure.
27 Aug 2022 - Spam Resource
3 technical articles
DKIM signing provides a way for a domain to take responsibility for a message by associating its identity, ensuring authentication and integrity. It prevents email spoofing and phishing by allowing receiving servers to verify the sender's domain identity and confirm that the message wasn't tampered with.
Technical article
Documentation from DKIM.org states that DKIM helps prevent email spoofing and phishing by verifying the sender's domain identity.
14 Oct 2023 - DKIM.org
Technical article
Documentation from ietf.org explains that DKIM signing allows a domain to take responsibility for a message by associating its identity with it, providing authentication and integrity assurance.
2 Jan 2022 - ietf.org
Do I need multiple DKIM records if I use multiple ESPs like HubSpot, Sendgrid and ActiveCampaign?
Do SPF and DKIM records need to be aligned for all email service providers?
How can I improve SPF alignment and email deliverability when using Hubspot?
How do ESPs collect Yahoo FBL data using double DKIM signing?
How is DKIM precedence determined when double signing emails?
What are best practices and costs for implementing DKIM, SPF, and DMARC?