Marketo uses a shared DKIM signature to sign your email by default. However, you can use your own domain in the From address of the email and have a private DKIM key created for you, which can be done by following the steps below:

Enable DKIM on your domain in Marketo

1. Open your Marketo account as an administrator

2. Go to the Admin section.

3. Click Email, then the DKIM tab, and finally Add Domain.

4. Enter the domain you will be using in Marketo emails as the From Address and click Add.

5. Copy the Host Record and TXT Value and add the DKIM key in Valimail Enforce.

Add the Marketo DKIM key in Valimail Enforce

1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.

a. Click on Add a DKIM key and fill in the info from the newly created Marketo key and then click Add.

6. Once the DKIM key is added in Valimail Enforce, come back to Marketo, select your domain, and click Check DNS.

7. Once the DKIM key is validated, you will be ready to send authentication emails on behalf of your domain, using Marketo.

Note: The Marketo DNS check may not like the Authenticate SPF Macro and display a warning.  While Marketo will send in alignment, you may need to contact Marketo Support to have them override the SPF validation script in their UI. The SPF response will  work correctly and you can verify this by following the instructions found in this article: Valimail SPF Records