My domain mail score is lower as the DKIM record is not properly detected
What steps have you taken to resolve the issue?
I’ve been using MXroute for all my mail hosting. When setting up the DKIM records there’s a quirk, described in Cloudflare DNS Tutorial at the end of the page. I needed to leave out the quotation marks in order to get a properly configured DKIM record.
Setting up the above new domain I see that now TXT records mandatorily need quotation marks. Setting them leads to a 9/10 score from Spam Test Result (see attached screenshot)
What feature, service or problem is this related to?
DNS records
What are the steps to reproduce the issue?
Set the MXroute DKIM TXT record with quotation marks as now mandated by Cloudflare => DKIM not recognized properly
TXT records always require quotation marks around the content, Cloudflare has only changed the dashboard to require these to be included when the record is entered. Previously they were added if missing by the resolver.
You’re absolutely right — TXT entries do need to be in quotation marks. I struggled with this when setting up my first domains and found MXroute’s Cloudflare-specific DKIM instructions really helpful: Cloudflare DNS Tutorial
They also link to a video at the bottom that’s worth checking out.
As a beginner, I just followed their guide, and my mail-tester.com score jumped from 9/10 to a full 10/10 — so it made a real difference.
While the general advice is to use quotes, their guide suggests a more specific approach that worked better in practice for me.
Domain 1: henningwagner.com
Running on Cloudflare using the old config (where you could enter TXT values without quotation marks).
DKIM passes But I now get a tooltip warning in Cloudflare saying quotation marks are missing — still, I’m not touching it because it’s working as expected.
Domain 1: henningwagner.com
Running on Cloudflare using the old config (where you could enter TXT values without quotation marks).
DKIM passes But I now get a tooltip warning in Cloudflare saying quotation marks are missing — still, I’m not touching it because it’s working as expected.
Here’s what Cloudflare now shows on henningwagner.com:
It warns about missing quotes but doesn’t affect DKIM validation. So it looks like Cloudflare might be adding them automatically — but in a way that works better than when I add them manually.
And I’m getting feedback that users using Microsoft for their mails don’t receive the mails. Not even in spam. So this is really a pressuring issue.
I know it’s super weird as it drills down to “my quotations are less worth/impactful than the auto-quotations of Cloudflare” but please have a look with the team. Even MXroute created a howto article on the issue a long time ago.
The record (assuming the selector is x) resolves, that’s all Cloudflare does for you. If the DKIM is not working check the value is correct, otherwise you will need to check with your mail provider.
Yes, but that seems to cause an issue. Comparing both my records a) via dig and b) in the MXroute settings I see that at character 258 the DKIM record gets split up into two:
Again that is a DNS requirement. TXT record strings are limited to 255 characters and TXT records can contain multiple strings so this splitting is needed for long DKIM records. Cloudflare, and most if not all other DNS providers I know, will handle this automatically.
I’m with you and thanks for your patience. Totally understand that it fulfills the specs. But I’m sitting at the other end experiencing that Microsoft mail accounts are dropping my transactional mails and that MXroute extra went along and added the “leave out the quotation marks” in their tutorial…
So there’s got to be something to it…
Can we flip this upside down? Can you pls remove the quoatation marks for the flowvoice.email TXT record and then I’ll test both
inform my Microsoft customer and see if they receive my mail
I know, I’m going against official specs and norms … but I wouldn’t jump into the topic if there wouldn’t be something to it. Legacy domains are 10/10, new quotation stuff gets downgraded…
The quotation marks were always returned when the record was queried, that is a DNS requirement and so it’s not possible to remove them - you just didn’t need to enter them into the dashboard before, but now you do.
Cloudflare is returning a TXT record as required, that’s all it does. If DKIM is not working, you need to contact your mail host.
@sjr is absolutely correct. The quotes are purely cosmetic and there is absolutely no difference in the DNS between records with and without quotes in the UI. In fact, it’s impossible to represent “unquoted” records in the DNS (that’s not a concept that exists) and even “unquoted” records will show quotes when queried with DiG or any other tool. This is true for all DNS providers because it’s part of how TXT records are defined to work in the DNS.
If external tools are showing an issue with the record, chances are that either the quotes weren’t entered correctly (our UI handles quoting automatically when records without quotes are entered, so that’s unlikely) or the actual content of the TXT record is not correct.
Domain 1: 
DKIM passes 
But I now get a tooltip warning in Cloudflare saying quotation marks are missing — still, I’m not touching it because it’s working as expected.
DKIM doesn’t validate properly