DNS DKIM entry changes

My Web host says my txt name must be “default._domainkey.emogic.com.”

When I try to enter default._domainkey.emogic.com. in mt cloudlfair dns, cloudflare changes it to
default._domainkey , removing the traiking emogic.com. part

As such my DKIM from emails from emogic.com come back wit:
dkim=temperror (no key for signature) [email protected]

It is always like that.
Even if you enter a sub-domain like mysub.emogic.com, you would only see the mysub part :slight_smile:
No need to worry, I think it is due to the dashboard interface, while it works perfectly fine.

If you see that, then you do not have an TXT type DNS record as default._domainkey.emogic.com. And possibly missing "v=DKIM1; p=yourPublicKey" etc.

From below one, you have :

  1. You have a split DKIM by quotes " " in between
  2. You are missing the needed semi-colon(s) in places
  3. Missing end quote "

Currently the part here could be the issue as well:

/1BG0RAmgvFQQueu4nU" "RNBQOU043BCqoJplwsPoeDg4

As for now I got returned this:

emogic.com. IN TXT
emogic.com. 300 IN TXT "v=spf1 +mx +a +ip4: +include:spf.web-dns1.com ~all"

default._domainkey.emogic.com. IN TXT
default._domainkey.emogic.com. 300 IN TXT "v=DKIM1 k=rsa p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv1C35UBfEustZxwEOZwIjobJ4xqV5o2PQUNJANa5qgrGZdn8xkZvBO88ouzrRueuBS+2fxTrCyeqLRsPufCH3TXh1Tddq2rwWhvaV+dHJTo97WgjBa0+XfhOVWciRWUfdLKwGs5OOxVWTVwRLkGjYbq1jk5vhSzw+gM14KCfXse3n/1BG0RAmgvFQQueu4nU" "RNBQOU043BCqoJplwsPoeDg4Y44oxa4d7hYOdLLeI87QfeSYdutP2COgECD49juyMFKe5m+3YmOAUM2+bMM8+TTPw0p8ftstWBkjj9pjy0Am+fWQJw90UkIrl79sBOmBOqsIWP95d/1NxmkzIurPQIDAQAB

Should be like v=DKIM1; k=rsa; p=key;:

v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv1C35UBfEustZxwEOZwIjobJ4xqV5o2PQUNJANa5qgrGZdn8xkZvBO88ouzrRueuBS+2fxTrCyeqLRsPufCH3TXh1Tddq2rwWhvaV+dHJTo97WgjBa0+XfhOVWciRWUfdLKwGs5OOxVWTVwRLkGjYbq1jk5vhSzw+gM14KCfXse3n/1BG0RAmgvFQQueu4nURNBQOU043BCqoJplwsPoeDg4Y44oxa4d7hYOdLLeI87QfeSYdutP2COgECD49juyMFKe5m+3YmOAUM2+bMM8+TTPw0p8ftstWBkjj9pjy0Am+fWQJw90UkIrl79sBOmBOqsIWP95d/1NxmkzIurPQIDAQAB;

Have you entered the needed value with or without the quotes " "?
Therefore, maybe the DKIM was not full, rather being split copied and pasted into the content field?

Furthermore, we can check for the existing DKIM and if it’s a valid one by using online tools too:

Next one, DKIM should work in combination with the SPF record.
Do you have it? Nowadays it’s a TXT type of a DNS record with the spf value.

Seems it’s okay too:

May I ask and could you try to test using below tool too?:

Nevertheless, I would also suggestt adding DMARC as a new TXT type record with the name _dmarc and with the content value of at least:

v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1

More about why would it be a good recommendation see on the below article:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.