DKIM is a method for verifying that an email is indeed being sent from the domain it claims to be from. To accomplish this verification a public/private pair of encryption keys is used. The most notable use of public/private key pairs in email is with S/MIME or PGP for encrypting an email itself. Outside of email anyone who browses the web has benefitted from public/private key pairs, as they are used to establish the SSL-encrypted connection of any reputable website for things like entering payment information securely.
With DKIM, a special signiture string is created from the private key, the message body, and some of the headers from within the email you are sending. The recipient's server then uses the public key to verify the signature was created using the matching private key. Since the private key is on your server, and has not been shared with anyone, only email sent from your server with the correct private key will pass this test.
Based on options of your choosing, messages can then be completely denied as invalid or let through (possibly to a separate folder) for reveiw before deciding it is unwanted email.
For DKIM to work properly your email servers need to be setup for signing outbound email and verifying inbound email, which is presicely what we have done here at LuxSci.
Your provider's support/implementation of DKIM may differ from ours, but you can still use this DKIM generator to create the needed keys and generate the appropriate text needed for updating your DNS text records to use DKIM for your domain's email. The private key would have to be added to your server by your email provider
You will need to enter a selector and your domain below. A selector can be just about anything you want it to be. If you are not aware of how you can fully utilize selectors you can just use "dkim" as your selector.