DKIM using Cloudflare DNS

Forums › IT Pro and developers › DKIM using Cloudflare DNS

xpd

Geek @ Coastguard NZ
13765 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#260019 6-Nov-2019 21:26

Trying to setup DKIM for my domain but hitting issue. DNS is via Cloudflare.

Following the info here - https://www.hmailserver.com/forum/viewtopic.php?t=29402

But Im getting an error 1004 from Cloudflare when trying to save the TXT record

Lets say this is what Im entering...

Type : TXT Record

Name : dkim._domainkey.xpd.co.nz

v=DKIM1; t=s; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8nxXPJLVrZycHRDJgL1l/Euut3yPAGHS8CIqMUrwn7PmNoNUEYsoMkiBfRTXLTCpzU2+BceZ9CFyR9N3mJhndvgg6e6JBuVBYyqofAmfDqbuHz7FqF3H6bTdR5l9/5AQM3XFJeerzOO8cPY3VwYnhfUFswCU/suTcTK0+uMV1ewIDAQAB

Gives me a 1004 error - Validation error.

If I remove the key, it saves fine.

What am I missing ??

Ive seen people say to use CNAME, DNSKEY, use quotes, dont use quotes etc etc.....

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree

freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2349116 6-Nov-2019 21:40

The type is TXT. The name is dkim._domainkey only. The value is without quotes.

xpd

Geek @ Coastguard NZ
13765 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#2349117 6-Nov-2019 21:46

freitasm:

The type is TXT. The name is dkim._domainkey only. The value is without quotes.

Yup, doing that, but still errors on me. :-/

Its gonna be something really simple but for life of me I cant see it :)

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree

freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2349119 6-Nov-2019 21:49

It is a TXT record. Contact their support...

richms

28168 posts

Uber Geek

Trusted

Lifetime subscriber

#2349122 6-Nov-2019 21:54

If you are copypastaing the record, put it into notepad or something first. I have had a problem in the past where there was some invisible crap in the middle that was not showing till it went into notepad and came up as a square for a missing character.

Richard rich.ms

amanzi

Amanzi
1292 posts

Uber Geek

ID Verified

Trusted

Lifetime subscriber

#2349123 6-Nov-2019 21:54

xpd:

freitasm:

The type is TXT. The name is dkim._domainkey only. The value is without quotes.

Yup, doing that, but still errors on me. :-/

Its gonna be something really simple but for life of me I cant see it :)

Not sure if this helps but I just checked my DKIM records and they are set to 'default._domainkey' instead of 'dkim._domainkey'.

dfnt

1511 posts

Uber Geek

Lifetime subscriber

#2349124 6-Nov-2019 21:57

Have you setup the hmailserver component as well?

Cloudflare might be trying to validate the keys

Edit: Or it might be a cloudflare issue with the new GUI https://community.cloudflare.com/t/dns-validation-error-code-1004-when-trying-to-add-dkim/104396/5 and https://community.cloudflare.com/t/adding-the-dkim-key-to-dns-record/105815

freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#2349125 6-Nov-2019 21:58

The bit before _domainkey is the selector - it can be anything providing it corresponds to something your server is generating, so it will likely not be the problem. In my case I have three different records:

selector1._domainkey
selector2._domainkey
dec2013._domainkey

The first two were generated by Office 365. The last one is a key I've created on my own SMTP server (which is barely used these days - gosh, started using DKIM six years ago!)

Equinox IT

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.