Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsIT Pro and developersDKIM using Cloudflare DNS

xpd

xpd

Geek of Coastguard
14115 posts

Uber Geek
+1 received by user: 4574

Retired Mod
ID Verified
Trusted
Lifetime subscriber

#260019 6-Nov-2019 21:26
Send private message

Trying to setup DKIM for my domain but hitting issue. DNS is via Cloudflare.

 

Following the info here - https://www.hmailserver.com/forum/viewtopic.php?t=29402

 

But Im getting an error 1004 from Cloudflare when trying to save the TXT record

 

Lets say this is what Im entering...

 

Type : TXT Record

 

Name : dkim._domainkey.xpd.co.nz 

 

v=DKIM1; t=s; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8nxXPJLVrZycHRDJgL1l/Euut3yPAGHS8CIqMUrwn7PmNoNUEYsoMkiBfRTXLTCpzU2+BceZ9CFyR9N3mJhndvgg6e6JBuVBYyqofAmfDqbuHz7FqF3H6bTdR5l9/5AQM3XFJeerzOO8cPY3VwYnhfUFswCU/suTcTK0+uMV1ewIDAQAB

 

Gives me a 1004 error - Validation error. 

 

If I remove the key, it saves fine. 

 

What am I missing ??

 

Ive seen people say to use CNAME, DNSKEY, use quotes, dont use quotes etc etc.....

 

 




XPD / Gavin

 

LinkTree

 

 

 

Create new topic
freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2349116 6-Nov-2019 21:40
Send private message

The type is TXT. The name is dkim._domainkey only. The value is without quotes.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



xpd

xpd

Geek of Coastguard
14115 posts

Uber Geek
+1 received by user: 4574

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2349117 6-Nov-2019 21:46
Send private message

freitasm:

 

The type is TXT. The name is dkim._domainkey only. The value is without quotes.

 

 

Yup, doing that, but still errors on me.  :-/

 

Its gonna be something really simple but for life of me I cant see it :)

 

 




XPD / Gavin

 

LinkTree

 

 

 

freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2349119 6-Nov-2019 21:49
Send private message

It is a TXT record. Contact their support...




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 



richms
29097 posts

Uber Geek
+1 received by user: 10205

Trusted
Lifetime subscriber

  #2349122 6-Nov-2019 21:54
Send private message

If you are copypastaing the record, put it into notepad or something first. I have had a problem in the past where there was some invisible crap in the middle that was not showing till it went into notepad and came up as a square for a missing character.




Richard rich.ms

amanzi
Amanzi
1354 posts

Uber Geek
+1 received by user: 331

ID Verified
Trusted
Lifetime subscriber

  #2349123 6-Nov-2019 21:54
Send private message

xpd:

 

freitasm:

 

The type is TXT. The name is dkim._domainkey only. The value is without quotes.

 

 

Yup, doing that, but still errors on me.  :-/

 

Its gonna be something really simple but for life of me I cant see it :)

 

 

 

 

Not sure if this helps but I just checked my DKIM records and they are set to 'default._domainkey' instead of 'dkim._domainkey'.

 

 

dfnt
1553 posts

Uber Geek
+1 received by user: 1036

Trusted
Lifetime subscriber

  #2349124 6-Nov-2019 21:57
Send private message

Have you setup the hmailserver component as well? 

 

Cloudflare might be trying to validate the keys

 

Edit: Or it might be a cloudflare issue with the new GUI https://community.cloudflare.com/t/dns-validation-error-code-1004-when-trying-to-add-dkim/104396/5 and https://community.cloudflare.com/t/adding-the-dkim-key-to-dns-record/105815

 
 
 
 

Shop now on AliExpress (affiliate link).
freitasm
BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41024

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2349125 6-Nov-2019 21:58
Send private message

The bit before _domainkey is the selector - it can be anything providing it corresponds to something your server is generating, so it will likely not be the problem. In my case I have three different records:

 

selector1._domainkey
selector2._domainkey
dec2013._domainkey

 

The first two were generated by Office 365. The last one is a key I've created on my own SMTP server (which is barely used these days - gosh, started using DKIM six years ago!)




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

xpd

xpd

Geek of Coastguard
14115 posts

Uber Geek
+1 received by user: 4574

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2349136 6-Nov-2019 22:28
Send private message

Right, managed to get CF to accept it..... now when testing though, I'm getting "key not in DNS" as a DKIM failure in the headers of the test emails.

 

Yet I can check my DNS records from various servers and they see it......

 

 




XPD / Gavin

 

LinkTree

 

 

 

BlakJak
1329 posts

Uber Geek
+1 received by user: 735

Trusted

  #2350838 9-Nov-2019 20:32
Send private message

https://www.dmarcanalyzer.com/dkim/dkim-check/ might be useful?




No signature to see here, move along...

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright