Support for DKIM was added to the service-now.com domain in late 2017. With DKIM enabled, the ServiceNow (service-now.com) email servers sign outgoing messages.
Receiving mail servers can then use a public key, published on the service-now.com DNS record, to verify the signatures on any emails sent out from the ServiceNow (service-now.com) email servers.
Note that DKIM signing will only work for emails where the From: address is <something>@service-now.com. It's not possible for customers to add DKIM DNS records to the service-now.com domain for their own domains.
DKIM DNS Records
Retrieving the public key from a website
There are many websites that let you check DNS-related records such as SPF or DKIM for a domain. To check the DKIM record, you'll need these details:
DKIM Selector: servicenow-20170913115315
Example DNS check website: https://www.mail-tester.com/spf-dkim-check
Retrieving the public key at the command line
To retrieve the DKIM public key, you can run the following command from a UNIX/MacOS computer:
dig servicenow-20170913115315._domainkey.service-now.com TXT +short
The output will be the public key as of August 2018. (Note that this key is not expected to change, although ServiceNow reserves the right to change it if required):
DKIM keys for customer domains are not currently supported
Some companies request DKIM keys so that they can send emails with From: addresses such as @customer.com while using the ServiceNow SMTP server. ServiceNow currently does not provide DKIM keys for customer domains.
There is an open feature request in our Idea Portal. Any customer with interest in this feature is encouraged to vote for it there: DKIM support for custom domains
As a workaround, customers can configure the instance to use their organization's own mail infrastructure instead of ServiceNow's mail infrastructure. To find documentation on this please search Enable using your own SMTP server on the ServiceNow Documentation website