I am trying to add a TXT record for DKIM. Please help me.
1. I click to add the TXT record.
2. I enter the data in the Hostname (mail._domainkey.mydomain.com.) and Text fields.
I test with dig and the TXT record does not show up. I played around and removed the mail._domainkey. from the Hostname part. Then I get a TXT record with dig, but it's incorrect. How do I enter the record mail._domainkey.mydomain.com. into DNS so it works correctly? Thank you for helping.
Here is the dig output below.

server1:~# dig @localhost TXT mail2._domainkey.mydomain.com
; <<>> DiG 9.5.1-P3 <<>> @localhost TXT mail2._domainkey.mydomain.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47106
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mail2._domainkey.mydomain.com. IN TXT
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:17:12 2009
;; MSG SIZE rcvd: 47
server1:~#

and

server1:~# dig @localhost xxxxxx.com TXT
; <<>> DiG 9.5.1-P3 <<>> @localhost xxxxxxx.com TXT
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18320
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;xxxxxxxxxx.com. IN TXT
;; ANSWER SECTION:
xxxxxxxx.com. 86400 IN TXT "v=spf1 ip4:xxxxxx a -all"
;; AUTHORITY SECTION:
xxxxxxx.com. 86400 IN NS ns1.xxxxxx.com.
xxxxxxx.com. 86400 IN NS ns2.xxxxxx.com.
;; ADDITIONAL SECTION:
ns1.xxxxxxxx.com. 86400 IN A xxxxxxxx
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:27:24 2009
;; MSG SIZE rcvd: 369
server1:~#

Then I remove the mail2._domainkey from the name in DNS and the dig output is as follows (this was just mucking around in my effort):

server1:~# dig @localhost TXT xxxxxxxx.com
;; Truncated, retrying in TCP mode.
; <<>> DiG 9.5.1-P3 <<>> @localhost TXT xxxxxxxx.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35966
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;mydomain.com. IN TXT
;; ANSWER SECTION:
xxxxxxxx.com. 86400 IN TXT "k=rsa t=y p=MIGfqGbYAQAB"
xxxxxxxx.com. 86400 IN TXT "v=DKIM1 p=MIGfMA0QIDAQAB"
xxxxxxxx.com. 86400 IN TXT "v=spf1 ip4:xxxxxxxx a -all"
;; AUTHORITY SECTION:
xxxxxxxx.com. 86400 IN NS ns1.xxxxxxxx.com.
xxxxxxxx.com. 86400 IN NS ns2.xxxxxxxx.com.
;; ADDITIONAL SECTION:
ns1.mydomain.com. 86400 IN A xxxxxxxx
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:36:11 2009
;; MSG SIZE rcvd: 608
server1:~#

As soon as I make the name as it should be, mail2._domainkey.xxxxxxxxxxx.com, I cannot get a dig result for the TXT record, and therefore:

server1:~# amavisd-new testkeys
TESTING: mail2._domainkey.xxxxxxxxxxx.com => invalid (public key: not available)
I've tried to get DKIM working for almost a week and I've given up; there is a problem with MyDNS records and the fact that the key is stored in a MySQL database...
I finally got this to work, here is the result:

www1:/etc/amavis/conf.d# amavisd-new testkeys
TESTING: mail._domainkey.mail.xxx.ro => pass
www1:/etc/amavis/conf.d#

I had to edit the record in the database by hand. Here is how the record looks:

v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+j8TF4XX+23pdk228z1ie0dURzyFSV4/AggUXW2YgYoOk+invQnCRYv/DlLlidlpPQmgFyiUDJ20oyuOeG98zskpwAffl0yhATIC2vBLOK4X2nOrMbkzHEi52QBxgnJs6bKSftzN+zSTJ8OKkRMcSMUbj/TaPjVL8vycrVvmAowIDAQAB

This is straight from the database, so I guess the goal is to delete any spaces or backslashes from the record that is added by the web interface. Good luck
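Added example, not part of the thread or of any tool mentioned in it: a small Python check for a DKIM TXT value as it sits in the DNS database, reporting the defects visible above (tags run together without ';', stored backslashes, spaces in the key). The names lint_dkim_txt, is_dkim_owner and SAMPLE_P are made up for this sketch, and SAMPLE_P is a constructed stand-in, not a real key.

```python
import base64
import binascii
import re

# Constructed stand-in for key material; not a real DKIM public key.
SAMPLE_P = base64.b64encode(bytes(range(48))).decode()

TAG_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_]*")
# A second "name=value" after whitespace inside one value: a ';' is missing.
RUN_ON = re.compile(r"\s[A-Za-z][A-Za-z0-9_]*=[^=\s]")


def is_dkim_owner(name):
    """True if name has the form <selector>._domainkey.<domain>."""
    labels = name.rstrip(".").lower().split(".")
    return "_domainkey" in labels[1:-1]


def lint_dkim_txt(value):
    """Return a list of problems found in a DKIM key record's TXT value."""
    problems = []
    if "\\" in value:
        problems.append("backslash stored in record")
    tags = []
    for part in filter(None, (p.strip() for p in value.split(";"))):
        name, sep, val = part.partition("=")
        name, val = name.strip(), val.strip()
        if not sep or not TAG_NAME.fullmatch(name):
            problems.append(f"malformed tag: {part!r}")
        elif RUN_ON.search(val):
            problems.append(f"missing ';' after tag {name!r}")
        else:
            tags.append((name, val))
    names = [n for n, _ in tags]
    if "v" in names and (names[0] != "v" or dict(tags)["v"] != "DKIM1"):
        problems.append("v= must come first and equal DKIM1")
    if "p" not in names:
        problems.append("no usable p= tag")
        return problems
    key = dict(tags)["p"]
    # Reported because the fix in the thread was to remove spaces by hand.
    if re.search(r"\s", key):
        problems.append("whitespace inside p=")
    try:
        base64.b64decode(re.sub(r"\s", "", key), validate=True)
    except binascii.Error:
        problems.append("p= is not valid base64")
    return problems
```

Run it on the value read straight from the database row, and check the row's owner name with is_dkim_owner, before testing with dig or amavisd-new testkeys.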