Support for DKIM was added to the service-now.com domain in late 2017. With DKIM enabled, the ServiceNow (service-now.com) email servers sign outgoing messages using a private key.

Receiving mail servers can then use a public key, published on the service-now.com DNS record, to verify the signatures on any emails sent out from the ServiceNow (service-now.com) email servers.

Note that DKIM signing will only work for emails where the From: address is something@service-now.com. It's not possible for customers to add DKIM DNS records to the service-now.com domain for their own domains.

DKIM DNS Records

Retrieving the public key from a website

There are many websites that let you check DNS-related records such as SPF or DKIM for a domain. To check the DKIM record, you'll need these details:

Domain: service-now.com

DKIM Selector: servicenow-20170913115315

Example DNS check website: https://www.mail-tester.com/spf-dkim-check

Retrieving the public key at the command line

To retrieve the DKIM public key, you can run the following command from a UNIX/MacOS computer:

dig servicenow-20170913115315._domainkey.service-now.com TXT +short

The output will be the public key as of August 2018. (Note that this key is not expected to change, although ServiceNow reserves the right to change it if required):

"v=DKIM1\;" "k=rsa\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUxxcc9FGibKY8QxoD/ljxlDmmRgxPr2ElXFPMi92E+QsrpwhqnfGSM5MWc2KdZoJadPQJ5jP8J3UpNQ+sZGFt8IeWVmOQfFV8spFFXKMaH3V0rGhcCtL/DaOGfq1PWd6HbvWAjuyTUx9DjCQusFdrw9NgRRqb28F9uCcNF+OugQIDAQAB"

DKIM keys for customer domains are not currently supported

Some companies request DKIM keys so that they can send emails with From: addresses such as something@customer.com while using the ServiceNow SMTP server. ServiceNow currently does not provide DKIM keys for customer domains.

There is an open feature request in our Idea Portal. Any customer with interest in this feature is encouraged to vote for it there: DKIM support for custom domains

As a workaround, customers can configure the instance to use their organization's own mail infrastructure instead of ServiceNow's mail infrastructure. To find documentation on this please search Enable using your own SMTP server on the ServiceNow Documentation website