How to find DKIM record without selector?

Email marketer from Mailhardener states that DKIM selectors let you publish multiple DKIM keys for different purposes, senders, or servers using the same domain. Finding the public DKIM key without knowing the selector is going to be nearly impossible because it can't be queried.

Email marketer from EmailSecuritySPF shares that DKIM selectors help to differentiate between multiple DKIM keys and records, if the selector isn't known then you're unable to identify the corresponding TXT record in DNS.

Email marketer from Stackoverflow states that if you don't have the selector, it's almost impossible to find the DKIM record. You would need to guess the selector, which is usually something descriptive like 'google', 's1', or 'default'.

Email marketer from Spamresource shares to identify the DKIM selector you will need to review email headers of emails that have been signed by that domain. Look for the DKIM-Signature.

Email marketer from Web Hosting Talk suggests to check with your ESP as some will make it available on the user interface. Otherwise checking mail headers for a DKIM signature is required.

Email marketer from EasyDMARC suggests using their DKIM record lookup tool, but states that you need to know the selector to use it.

Email marketer from Reddit shares the selector will be within the email header and called 's='. The email header parameter will be called DKIM-Signature

Email marketer from Email Geeks shares additional tips, including performing MX Lookup to detect the domain and perform DKIM Lookup accordingly. Also shares to use EasyDMARC domain scanner which performs DKIM Lookup with selectors in their DB.

Marketer from Email Geeks explains you need the selector and the signing domain to find the public key and you can find the selector in the DKIM-Signature header of an email from the source.

Email marketer from MXToolbox explains that a DKIM selector is required to perform a DKIM lookup. Try to find the selector used by the sending server by looking at the email headers of a message sent from that domain. View source of an email and then look for DKIM-Signature.

Email marketer from Reddit shares that DKIM records are located in the DNS settings of your domain, you will need to access your domain's DNS records through your DNS provider (e.g., GoDaddy, Cloudflare, Namecheap, etc.).

Email marketer from Valimail shares that finding a DKIM record without knowing the selector is difficult. They suggest that if you control the sending domain, check the DKIM settings in your email service provider's control panel. If you don't control the domain, try to find the selector used by the sending server by looking at the email headers of a message sent from that domain.

Marketer from Email Geeks explains that you have to have the exact selector to perform a DNS TXT record lookup. For example: If s=emailgeeks and d=example.com then the DNS TXT record to lookup is emailgeeks._domainkey.example.com. The selector is required to complete the DNS lookup.

Expert from Word to the Wise explains to check authentication you need to use mailfrom, and not just the header from.

Expert from Word to the Wise explains that having multiple DKIM keys is not a good idea and it is better to not do this, if you do then one signing key will clobber the other signing key.

Expert from Spamresource shares to identify the DKIM selector you will need to review email headers of emails that have been signed by that domain. Look for the DKIM-Signature.

Expert from Email Geeks shares that you may be able to guess the selector using xnnd.com.

Documentation from DMARC Analyzer explains that a DKIM selector is used to publish multiple DKIM keys for a single domain. This allows a domain to rotate keys more easily and use different keys for different services or subdomains. Without the selector, it's not possible to query for the correct DKIM record.

Documentation from RFC6376 (DKIM standard) explains that the selector is a string used to locate the correct public key. A domain can publish multiple DKIM keys, and the selector indicates which key was used to sign a particular message. Without the selector, the receiving server cannot determine which key to use for verification.

Documentation from Google Workspace Admin Help explains that the DKIM selector is a string that distinguishes multiple DKIM keys for a single domain. It's a name you give to your DKIM key, and it can be anything you want, but it must be unique.

Documentation from Cloudflare explains DKIM records are stored in DNS as TXT records. The name of the record follows a specific format: [selector]._domainkey.example.com, where [selector] is the DKIM selector and example.com is your domain.