DKIM dkim=temperror (no key for signature)

I am a novice. I recently moved my DNS Nameservers from Easily to Cloudflare. The transfer was largely sucessfull, the websites, SPF and DMARC records transferred successfully. I used the handy Cloudflare option to transfer all the existing records.

My DKIM has not transferred successfully for two of the three domains. It is rather strange that it has worked for one but not the other two. Easily use CNAME record rather than TXT records for DKIM. I have seen that other providers normally use TXT records.

What I find even more confusing is that there doesn’t appear to be any DKIM records on Cloudflare for all of the domains including the one that is working!

When sending an email to a gmail account I get this error: “dkim=temperror (no key for signature)”. The sp,f and DMARC both “PASS”.

Also, when trying to diagnose the problem myself I don’t know how to get the mxtoolbox dkim test to work as I don’t know what I am supposed to put in the “selector” and “domain” fields.

Thank you in advance for any replies. I will be incredibly grateful if anyone has any advice or help.

Hi, can you use https://www.mail-tester.com to test your emails and share the result here?

The selector is part of any emails you send and will show up in this test.

Generally, you should copy any DNS records from your old DNS provider that were not imported automatically by Cloudflare.

1 Like

Hi Laudian,

Thank you so much for your help. The tool you sent is super useful. I fixed it!

I just noticed that there were two not one DNS records missing that Cloudflare didn’t transfer. So I moved both the MX and the CNAME records that got missed and it has started working again!!! I must have been going mad but I only saw three MX records the first time now there are 4. Maybe they added one or I just missed it. Anyway. I’m super happy it’s fixed now. I have DKIM, SPF and DMARC all working ready for the Google and Yahoo cut off in Feb 2024!

1 Like

I spoke too soon.

It was working. Then I enabled Proxy for the CNAME DKIM record and it all stopped working again. I’m going to disable it and wait a while to see if that fixed it. I think that that was the problem. Not too sure to be honest.

You can’t enable proxy for this record. The proxy is only for http, not for email.

1 Like

After turning off the proxy option on the CNAME DNS record and waiting for a few hours. It is fixed again! I think that was the problem.

Thank you for your help Laudian. I really appreciate it. Been trying to figure this out for months. What would I do without forums and excellent and helpful people like yourself?!?!

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.