18

*SOLVED - See bottom of this post *

So problem here is that I have been trying to set up a domain key for several days. I've done it successfully in the past, but I just can't get it to work this time.

Now the problem I am currently wrestling with is that when I try and look up the domain key in my DNS record, nothing appears. For example, when I go to protodave, and search for my selector (default) at my domain, here is what I get:

 DNS QUERY: default._domainkey.palabama.com
 QUERY STATUS: No DNS TXT Record found
 TXT RECORD:

When I try and dig the record, I get no answer section.
When I go to DKIMcore, I get the following:

 This is not a good DKIM key record. You should fix the errors shown in red.
 DNS query failed for 'default._domainkey.palabama.com':NOERROR
 A public-key (p=) is required

Thing is, I have set up the DK on my registrat's DNS, which is the assigned dns (namecheap).

After several different tries, here is my setup on namecheap

 default._domainkey.mail.palabama.com.   TXT  v=DKIM1; g=*; k=rsa;      p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0kOjYjN2gAfTuQgsyS/rGUcMbZ3zg5Pf5pHyN735OufSnkLbpYgnDJcIyQTjhbeGBPoPwlvL1fOa1/TOsp2vT9fFIFtgGXg8yVpSKrttdOCX7a3CYkQIO4WQU+2MAzT+Z3IBroTBDmjS61fhRSyoUlPBhUYTECodVu3GENkoLUQIDAQAB

 default._domainkey.palabama.com.   TXT  v=DKIM1; g=*; k=rsa;      p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0kOjYjN2gAfTuQgsyS/rGUcMbZ3zg5Pf5pHyN735OufSnkLbpYgnDJcIyQTjhbeGBPoPwlvL1fOa1/TOsp2vT9fFIFtgGXg8yVpSKrttdOCX7a3CYkQIO4WQU+2MAzT+Z3IBroTBDmjS61fhRSyoUlPBhUYTECodVu3GENkoLUQIDAQAB

I threw that mail.palabama.com. record in thinking that maybe, because my MX record is set to mail.palabama.com. that it would help, originally that line was not in the DNS, and that didn't change anything.

When I verify the actual string at DKIMcore, it tells me everything is valid. It's just like the damn record doesn't exist. It's set to a TTL of 300 btw.

Here is the dig for my MX record

 dig palabama.com MX
 ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> palabama.com MX
  ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12713
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

 ;; QUESTION SECTION:
  ;palabama.com.                  IN      MX

 ;; ANSWER SECTION:
 palabama.com.           1800    IN      MX      10 mail.palabama.com.

What am I doing wrong? I'm pulling my hair out with this one.

EDIT: SOLVED!!!

I have fixed it! Hallelujah! Thanks to TheCompWiz for his answer, which basically confirmed to me that I was not crazy and that barring all user mistakes, the problem was on my DNS server's end. I tried something as an experiement...instead of putting in

 default._domainkey.palabama.com

I eliminated the palabama.com, leaving only

 default._domainkey

in my server record. And boom, just like that it worked.

I think that it's important, though, to find out if that is actually how the entry should read, and all that I read was wrong, or its a quirk of namecheap's DNS servers that the domain should be left off the string. And also if that is the case for any other servers.

orokusaki
  • 2,693
  • 4
  • 28
  • 42
Dan Miller
  • 193
  • 1
  • 1
  • 6
  • DNS names end with periods or assume your origin. Sounds like namecheap is properly titled. – Jacob Evans Sep 21 '15 at 04:25
  • 1
    Welcome to Server Fault! Per our Q&A structure, we recommend that instead of editing solutions into your question, you add your own answer - this way, you can get reputation for your solution! – Falcon Momot Nov 06 '15 at 00:10
  • Having the same problem with Namecheap... When you changed the TXT records to `default._domainkey` did you have to wait for the DNS to propagate? – Sethen Aug 01 '16 at 16:05
  • your updated answer saved my day – Rabolf Feb 23 '21 at 18:01

6 Answers6

7

Whether or not you added them to your registrar's DNS servers... I cannot say. What I can say, is that the records are not publicly resolvable. Are you sure you didn't define the records as SRV or A records? If you're 100% sure you added them properly... it's time to call Namecheap... and talk to them. Maybe they have issues hosting TXT records.

TheCompWiz
  • 7,349
  • 16
  • 23
  • I did, absolutely made them TXT. Does the MX configuration make any difference in how it gets looked up? Thanks! – Dan Miller Jan 12 '14 at 00:35
  • 3
    I solved it by changing default._domainkey.palabama.com to just default._domainkey Should I have done this all along or is that just a quirk of namecheap? Thanks again – Dan Miller Jan 12 '14 at 01:19
  • 1
    sounds like a quirk with namecheap. Ending a DNS name with a dot means it's a FQDN... whereas... just the hostname is typically interpreted as a child of the current zone. i.e. "www" in the example.com domain vs "www.example.com." Glad you got it figured out. And FWIW... MX is just another record type. It would not affect any TXT records. – TheCompWiz Jan 12 '14 at 02:32
  • That is good to know. I am sure I'll need to set dk up again sometime. Thanks again for your help and the follow up. – Dan Miller Jan 12 '14 at 08:37
6

As indicated in the edit to the question, changing from e.g. default._domainkey.example.com to default._domainkey resolves the problem.

It looks like Namecheap appends the domain name, so default._domainkey.example.com becomes default._domainkey.example.com.example.com.

To test this theory I did a DNS lookup:

nslookup -q=TXT default._domainkey.example.com.example.com

Sure enough, there was the TXT record. A quick check of TXT records on MXToolBox confirmed it as well.

Nateowami
  • 161
  • 1
  • 4
3

[SOLVED] Basically, I had the same issue. Added DKIM (CNAME) and SPF (TXT) records in Namecheap for Mailchimp integration but got this message from Mailchimp.

We tried to verify your DNS changes and did not detect the right values

The issue is Mailchimp asks for this string to be added in the host field.

k1._domainkey.domainname.com

But as someone suggested above, in Namecheap you don't need to include the domainname. In my case for mailchimp, just k1._domainkey was enough. I double-checked with the Namecheap guys. They confirmed it and pointed me to this guide.

https://www.namecheap.com/support/knowledgebase/article.aspx/9845/2208/how-to-connect-a-domain-to-mailchimp

Just one more trick. Mailchimp continued to show me the error even after DKIM check was right. (Tool here: https://toolbox.googleapps.com/apps/dig/#CNAME/k1._domainkey.dasubhashitam.com)

What I did was remove the verification in mailchimp and do it again as suggested in the guide. Voila! Things worked. And I wasted two days on this.

Hope it helps somebody.

Dave M
  • 4,494
  • 21
  • 30
  • 30
2

What solved for me was NOT using the domain name as selector name. Never have a DNS entry that's like

website._domainkey.website.com.

using

def._domainkey.website.com.

worked for me!

chicks
  • 3,639
  • 10
  • 26
  • 36
Ste_95
  • 121
  • 1
0

A solution that worked for me on GoDaddy's DNS Manager was to use:

"dkim._domainkey" in the Host section (no quotations) "v-DKIM .... " in the TXT Value, with the entire key included.

Before, I was simply using "_domainkey" and that wasn't working.

-2

What you were missing from the beginning was the trailing (dot) in default._domainkey.palabama.com it should have been default._domainkey.palabama.com.

Pierre
  • 1