How to add a txt record in ispconfig3 dns


spikes
9th November 2009, 07:46
I am trying to add a txt record for DKIM. Please help me.

1. I click to add the txt record
2. I enter the data in the Hostname (mail._domainkey.mydomain.com.) and Text fields

I test with dig and the txt record does not show up. I played around and removed the mail._domainkey. from the Hostname part. Then I get a txt record with dig but it's incorrect.

How do I enter into dns the record mail._domainkey.mydomain.com. so it works correctly?

Thank you for helping.

till
9th November 2009, 11:19
Please run:

dig @localhost TXT mail2._domainkey.mydomain.com

and post the output.

spikes
9th November 2009, 18:19
Here is the dig output below.

server1:~# dig @localhost TXT mail2._domainkey.mydomain.com

; <<>> DiG 9.5.1-P3 <<>> @localhost TXT mail2._domainkey.mydomain.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 47106
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mail2._domainkey.mydomain.com. IN TXT

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:17:12 2009
;; MSG SIZE rcvd: 47

server1:~#


and


server1:~# dig @localhost xxxxxx.com TXT

; <<>> DiG 9.5.1-P3 <<>> @localhost xxxxxxx.com TXT
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18320
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;xxxxxxxxxx.com. IN TXT

;; ANSWER SECTION:
xxxxxxxx.com. 86400 IN TXT "v=spf1 ip4:xxxxxx a -all"

;; AUTHORITY SECTION:
xxxxxxx.com. 86400 IN NS ns1.xxxxxx.com.
xxxxxxx.com. 86400 IN NS ns2.xxxxxx.com.

;; ADDITIONAL SECTION:
ns1.xxxxxxxx.com. 86400 IN A xxxxxxxx

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:27:24 2009
;; MSG SIZE rcvd: 369

server1:~#




Then I remove the mail2._domainkey from the name in dns and the dig output is as follows: (this was just mucking around in my effort)

server1:~# dig @localhost TXT xxxxxxxx.com
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.5.1-P3 <<>> @localhost TXT xxxxxxxx.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35966
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mydomain.com. IN TXT

;; ANSWER SECTION:
xxxxxxxx.com. 86400 IN TXT "k=rsa t=y p=MIGfqGbYAQAB"
xxxxxxxx.com. 86400 IN TXT "v=DKIM1 p=MIGfMA0QIDAQAB"
xxxxxxxx.com. 86400 IN TXT "v=spf1 ip4:xxxxxxxx a -all"

;; AUTHORITY SECTION:
xxxxxxxx.com. 86400 IN NS ns1.xxxxxxxx.com.
xxxxxxxx.com. 86400 IN NS ns2.xxxxxxxx.com.

;; ADDITIONAL SECTION:
ns1.mydomain.com. 86400 IN A xxxxxxxx

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Nov 10 06:36:11 2009
;; MSG SIZE rcvd: 608

server1:~#


As soon as I make the name as it should be, mail2._domainkey.xxxxxxxxxxx.com, I cannot get a dig result for the txt record.


and therefore:

server1:~# amavisd-new testkeys
TESTING: mail2._domainkey.xxxxxxxxxxx.com => invalid (public key: not available)

ciprianflorea
10th November 2009, 06:40
I've tried to get dkim working for almost a week, I've given up, there is a problem with mydns records and the fact that the key is stored in a mysql database...

ciprianflorea
11th November 2009, 08:25
I finally got this to work, here is the result:

www1:/etc/amavis/conf.d# amavisd-new testkeys
TESTING: mail._domainkey.mail.xxx.ro => pass
www1:/etc/amavis/conf.d#


I had to edit the record in the database by hand, here is how the record looks:

v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+ j8TF4XX+23pdk228z1ie0dURzyFSV4/AggUXW2YgYoOk+invQnCRYv/DlLlidlpPQmgFyiUDJ20oyuOeG98zskpwAffl0yhATIC2vBLOK 4X2nOrMbkzHEi52QBxgnJs6bKSftzN+zSTJ8OKkRMcSMUbj/TaPjVL8vycrVvmAowIDAQAB

This is straight from the database, so I guess the goal is to delete any spaces or backslashes from the record that is added by the web interface.

Good luck
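
An added example, not part of the original posts and not ISPConfig or amavisd code: a small Python check that can be run over a DKIM TXT value before it is stored, flagging the damage discussed in this thread (backslashes, whitespace inside the key, and tags that are not separated by ';'). The function names and the sample key are constructed for illustration.

```python
import base64
import binascii
import re

# Constructed placeholder key material (not a real RSA key, not from the thread).
KEY = base64.b64encode(bytes(range(48))).decode()

def parse_tags(record):
    """Split a DKIM key record into its ';'-separated tag=value pairs."""
    tags = {}
    for part in record.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip()] = value.strip()
    return tags

def check_dkim_record(record):
    """Return a list of problems in a DKIM TXT value; empty means it looks clean."""
    problems = []
    if "\\" in record:
        problems.append("backslash in record")
    tags = parse_tags(record)
    for name, value in tags.items():
        # Another "tag=" inside a value means the ';' separator was lost.
        if re.search(r"\s[vhknpst]=", value):
            problems.append(f"missing ';' after tag {name}")
    if "p" not in tags:
        problems.append("no p= tag (public key)")
        return problems
    if re.search(r"\s", tags["p"]):
        problems.append("whitespace inside p= value")
    try:
        base64.b64decode(re.sub(r"\s", "", tags["p"]), validate=True)
    except (binascii.Error, ValueError):
        problems.append("p= is not valid base64")
    return problems

# Constructed samples: a clean value, one damaged the way the thread describes,
# and one shaped like the space-separated records in the dig output above.
GOOD = f"v=DKIM1;p={KEY}"
MANGLED = "v=DKIM1\\; p=" + KEY[:32] + " " + KEY[32:]
NO_SEMICOLONS = f"k=rsa t=y p={KEY}"

if __name__ == "__main__":
    for sample in (GOOD, MANGLED, NO_SEMICOLONS):
        print(check_dkim_record(sample) or "ok")
```
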

spikes
11th November 2009, 10:52
Thanks I'm going to try it.