Hi, I have ISPConfig 3 installed on a Debian server with BIND9. For the domains that send email, I have enabled DKIM. All but one works correctly simply by selecting the "enable DKIM" tick box in the domain's mail section. For the one that doesn't work the error seems to be that BIND9 does not "answer" DNS requests for the domain key. dig produces the following: Code: # dig default._domainkey.bonnyton.com ; <<>> DiG 9.10.3-P4-Debian <<>> default._domainkey.bonnyton.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6970 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;default._domainkey.bonnyton.com. IN A ;; AUTHORITY SECTION: bonnyton.com. 3459 IN SOA ns1.aplustutors.net. dns.aplustutors.net. 2018091202 7200 180 1209600 86400 ;; Query time: 0 msec ;; SERVER: 213.136.95.10#53(213.136.95.10) ;; WHEN: Mon Sep 24 12:04:37 BST 2018 ;; MSG SIZE rcvd: 119 The response is missing an "ANSWER" section which contains the domain key. The actual zone files for each domain seem to contain everything that they should contain. Restarting BIND9 didn't seem to do anything. I couldn't find a log that said anything about DNS requests. Updating the key didn't do anything except add a second TXT entry in the DNS zone. Deleting the existing DNS entries, then updating the key again, didn't do anything. I have tried deleting the DNS entry and re-adding it using the DKIM button on the records tab of the DNS Zone. I have tried deleting the DNS entry and re-adding it as a TXT entry. Any ideas as to what I should do/try next? Thanks!
