Hello, i add an email for domain.com and then enable dkim i copy the value to as txt to my cloud flare TXT: Name: default._domainkey value: v=DKIM1; t=s; p=code.... when i use gmail mx checker its give me: Invalid format of DKIM record. i am using version 3.2 any suggest ?
Assuming the DKIM is correctly formed, and you have copied the public part of the key to name service of that domain: maybe you have not copied it correctly? Create in name service a TXT record for default._domainkey.domain.com. (where domain.com is your domain) remembering the dot character in the end. Then the text or value of that record is the long string starting with v=DKIM1; . Check the long string is not cut in the end. The E-mail tutorial linked to in my signature shows how to check the DKIM entry in name service.
Hello, in cloud flare when i put default._domainkey.domain.com. its return to default._domainkey when i check on google mx checker it's give me same message: DKIM technology is used to help detection of unauthorized mailthat pretends to be sent out from your domain. Invalid format of DKIM record. v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDAf/NiN7... any suggest ?
Hello, i tired to use : https://www.sparkpost.com/resources/tools/dkim-wizard/ and its working fine but the dkim generated from ipconfig not work any idea? thnaks.
Have you compared the DKIM entries created by ISPConfig and dkim-wizard? In what way are the different? I still suspect you cut the end of the string away when copying to name service.
i didnt , v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChxje7BiAw61bKiI0n7N9xBzQHZj9ABhMcKpzoWk6NEUnlk/7va+ZMMBSm82wopWLyrtnkKtwkTka8bQ/j2Dqh3JVVkvMx+9Ra2Yv+p3xh2FADVncytwNy4Z2eZT2zCcD2yT8yeEqSEi6kmDx8""WxyeV7FmmLI7oxNUp/rYzZ/yIQIDAQAB i check https://www.dmarcanalyzer.com/ and its give me: Error : We detected that your key in the DKIM record is invalid.
That looks mangled. There should be space character betwen the two " " and the string should end with "; Have you compared the DKIM entries created by ISPConfig and dkim-wizard? In what way are the different?
i tried with v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChxje7BiAw61bKiI0n7N 9xBzQHZj9ABhMcKpzoWk6NEUnlk/7va+ZMMBSm82wopWLyrtnkKtwkTka8bQ/j2Dqh3JVVkvMx +9Ra2Yv+p3xh2FADVncytwNy4Z2eZT2zCcD2yT8yeEqSEi6kmDx8""WxyeV7FmmLI7oxNUp/rY zZ/yIQIDAQAB"; "v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChxje7BiAw61bKiI0n7N 9xBzQHZj9ABhMcKpzoWk6NEUnlk/7va+ZMMBSm82wopWLyrtnkKtwkTka8bQ/j2Dqh3JVVkvMx +9Ra2Yv+p3xh2FADVncytwNy4Z2eZT2zCcD2yT8yeEqSEi6kmDx8""WxyeV7FmmLI7oxNUp/rY zZ/yIQIDAQAB"; v=DKIM1; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChxje7BiAw61bKiI0n7N 9xBzQHZj9ABhMcKpzoWk6NEUnlk/7va+ZMMBSm82wopWLyrtnkKtwkTka8bQ/j2Dqh3JVVkvMx +9Ra2Yv+p3xh2FADVncytwNy4Z2eZT2zCcD2yT8yeEqSEi6kmDx8""WxyeV7FmmLI7oxNUp/rY zZ/yIQIDAQAB; same problem always !
are you adding the trailing ; on the end of every attempt? maybe it doesn't like that, or expects more data after that. also, not sure about the cloudflare interface, but the bind zone file expects a space between the split pieces of code. eg the ispconfig record: Code: v=DKIM1; t=s; p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxMoq2n5P4xL9VtSJtrAdqvJAJsufv+vkakRv9Pf4QbWyDhoKhHbBHUDBBg0QNRq+IepO1sP4cIg1sX2MxTaZCsqzogz7GBy4Gn8AlYVp8AnZpl4ICThxhNt+KK9h382OOkAKNTEOGeKKhn/R9r+eBPokXq4Ha4IsVeex4hQ11mxwUanRXyKTvKYCcu0kD1xCwDt6JYan8P3vws6ecu66iOzEEXh0K6PhnEc81dTjTDueLlsmIWHFY1stXHcOpLUdIe84ETjMm9Gv19MwEH+4EjKivV8D4iHG9WotazPEVjQIcY2rMIhP7wT+aUd2/s4ZkkxtvIRhANxa6Amemg9/JkZGDEzcqGexoMf9izHn10G4m6ZqouQEyGTmaEjsrgKIA8w/n15p9WOhbhPD0HOfkuaY+sUiTGOAhfZEX5TPshfYzl1wjAK4n/+IvCs9fmIYHbr71DCWJGOH5xcuIjnU3lD8MvZqv0fqDAtELVfsAprZRrSm+bRZh+nOVw3l5A+qbFcTUldUXWtmeUDkCQR4K8UV0XyDl3RFSEl+AWApjC4zEG4lOCqaQ7Hws/aN9KprQFhpwZJP8YUYSIyz/G8IlzMiSSAt3WXOIYgObwaWh/PS5DrGdBapftI6i6Sz7UrkS1iC9Z67rVLkyNbNN4gBMQd9JP1yTEl0OpzYlNdZpfcCAwEAAQ== the zone file record: Code: "v=DKIM1; t=s; p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxMoq2n5P4xL9VtSJtrAdqvJAJsufv+vkakRv9Pf4QbWyDhoKhHbBHUDBBg0QNRq+IepO1sP4cIg1sX2MxTaZCsqzogz7GBy4Gn8AlYVp8AnZpl4ICThxhNt+KK9h382OOkAKNTEOGeKKhn/R9r+eBPokXq4Ha4IsVeex4hQ11mxwUanRXyKTvKYCcu0kD1xCwDt" "6JYan8P3vws6ecu66iOzEEXh0K6PhnEc81dTjTDueLlsmIWHFY1stXHcOpLUdIe84ETjMm9Gv19MwEH+4EjKivV8D4iHG9WotazPEVjQIcY2rMIhP7wT+aUd2/s4ZkkxtvIRhANxa6Amemg9/JkZGDEzcqGexoMf9izHn10G4m6ZqouQEyGTmaEjsrgKIA8w/n15p9WOhbhPD0HOfkuaY+sUiTGOAhfZEX5TPshfYzl1wjAK4n/+IvCs9fmIYHb" "r71DCWJGOH5xcuIjnU3lD8MvZqv0fqDAtELVfsAprZRrSm+bRZh+nOVw3l5A+qbFcTUldUXWtmeUDkCQR4K8UV0XyDl3RFSEl+AWApjC4zEG4lOCqaQ7Hws/aN9KprQFhpwZJP8YUYSIyz/G8IlzMiSSAt3WXOIYgObwaWh/PS5DrGdBapftI6i6Sz7UrkS1iC9Z67rVLkyNbNN4gBMQd9JP1yTEl0OpzYlNdZpfcCAwEAAQ==" so from your last post with 3 examples, i'd try the middle one again, putting a space between the two " " and leaving out the final ; or the whole thing, without any quotes or breaks in the code at all, and again leaving out the trailing ; after the code.
I have the same problem in generating the new keys. The DNS record generated from ISPConfig contains quotation marks (which shouldn't be there?). The same record without quotation marks is valid in - for example - Gmail MX Checker or https://dkimcore.org/c/keycheck. Shouldn't this be marked as a bug?
quotation marks in ispconfig or in the zone file? it's not a bug. if you're using strong records, eg 4096 bits, then the record is split into separate strings, in quotes, separated by a blank space. for shorter records, in one single string, it's normally unquoted in the ispconfig interface, and is always quoted in the bind zone file.
It depends what you're doing with it. If you're pasting the string into a zone file, you need them; if you're pasting into a web interface at your registrar, you may or may not, it depends how they process it. If it doesn't work with the quotes, try without (and you'll probably need ot concatenate all the separate strings into one).
To anyone who will find this reply - its 2023 , and the problem (which is not problem) is still there. Dear ISPConfig DEVs, maybe you could solve it by simply adding second txt field, where corrected line with proper spaces and quotes would be ? So admin can just copy paste the value into TXT value . (My junior admin setup 120 domains and emails during the move, and all with failing DKIMs because of this issue ).
I've added an issue on the topic here now: https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6454
