DKIM not working

I followed the instructions as currently published at https://wiki.sympl.host/view/Mail_Configuration_Reference , and the key it generates isn’t accepted. I don’t know enough about it to know what is wrong, but I do know that something is wrong.

(Moved this to a new topic)

Troubleshooting for DKIM is:

  1. Check the permissions on config/dkim.key are sympl:sympl (this should get fixed automatically if not).
  2. Check config/dkim exists.
  3. Check the DNS entries have been added with the relevant selector - ._domain.example.com and are correct.

I took the output from the domain.txt file and put into an online DKIM validator, and it was declared invalid.

That will likely be in the wrong format. After adding it to my Mythic Beasts DNS, and done the valuation it worked. I had to tweak the domain as the format is a little different.

Yes, it’s likely line splitting or something like escaped characters (or the :300 on the end) that got copied.

Look for any instances of a backslash in the record - off the top of my head, that denotes that the next 3 characters are an ASCII character represented in octal.

I’ll see if I can dig out my DNS audit script at some point as it should be able to identify incorrect/invalid DNS records compared to what it’s expecting.

For what it’s worth - when I realised that Symbiosis was depreciated I embraced Sympl Debian 10 hosted with Mythic Beasts. Actually, until Sympl came along I was looking at using Virtualmin as a replacement to Symbiosis.

I struggled to setup dns using the MB control panel partly because the panel lacks example dns entries; I’m not sure whether I actually managed to setup a domain correctly. Some example domain dns entries would be a real game changer.

As a workaround I have since decided to rely on my domain name registrar for dns. In my case it’s 123-Reg. I used this useful link https://www.appmaildev.com/en/dkim to iron out the nuances.
Adding 123-Reg dns entries takes minutes now I’ve worked out the correct setup.

That said I’m looking forward to testing OctoDNS when it’s finally included within Sympl.
Rgds Pete

I wrote this guide a while back, I’ve been using OctoDNS with Sympl and MB DNS API for a while now. Generally works quite well.

https://wiki.sympl.host/view/Using_OctoDNS_To_Update_DNS

Andy

I tried again this morning, copying and pasting the same content. Today it works. I must have miscopied it somehow.

It was quite a number of years ago, but when I used 123-reg their DNS was very unreliable. I guess they go better: they’re still in business!
It seems that the whole area of DNS is badly explained to the average punter.
And in a world full of bad explanations, I agree, examples are really useful.
spf is easy enough, with an empty name field, but Dmarc and DKIM really do need examples of what to put there. Seems that the file that Sympl generates needs the bit before .myhostname.com in the name field and the DKIM record chunk from the bit that starts p= but not including the :300 at the end.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.