DKIM public key not found even though it's been in my DNS for a week

January 17, 2018 757 views
DNS Email Ubuntu 16.04

Hi,

I am having problems with my VPS trying to set up Postfix as send-only SMTP server using this tutorial:

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-as-a-send-only-smtp-server-on-ubuntu-16-04

Everything has been done the same way as they say in the tutorial and I've followed both of these tutorials as well:

My Zone file has the following information:

$ORIGIN my.example.com.
$TTL 1800
my.example.com. IN SOA ns1.digitalocean.com. hostmaster.my.example.com. 1516099513 10800 3600 604800 1800
my.example.com. 1800 IN NS ns1.digitalocean.com.
my.example.com. 1800 IN NS ns2.digitalocean.com.
my.example.com. 1800 IN NS ns3.digitalocean.com.
my.example.com. 3600 IN A 123.456.789.01
my.example.com. 3600 IN AAAA 2b02:c1d0:2:d0::132:3001
my.example.com. 3600 IN TXT "v=spf1 mx a ip4:123.456.789.01 ~all"
mail._domainkey.my.example.com. 3600 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCFqGSIb3DQEBAQUAA4GNADCBiQKBgQCZW8z/5Pvx6xhd2zEPAZNul02xDkb6xEOK1bgmDDypeZ18oOIOZk39WHU4tBoHyJm08e0ddfNtsmWSPyedjnIraOL+cG4lZgr0mAJmK/A1K2i+enoVQFiLitxieEeavtahTrJau5rr5BGqZFwAfwtdbSJOk4DrgexamwBnuaZL0wIGAQAB"

I've replaced the real domain and IPs with fake ones due to we're using a confidential domain at this point. I'm hoping this can be resolved without exposing it.

My mail.txt file inside /etc/opendkim/keys/my.example.com looks like this (which was generated during the tutorial for DKIM):

mail._domainkey IN  TXT ( "v=DKIM1; k=rsa; "
      "p=MIGfMA0GCFqGSIb3DQEBAQUAA4GNADCBiQKBgQCZW8z/5Pvx6xhd2zEPAZNul02xDkb6xEOK1bgmDDypeZ18oOIOZk39WHU4tBoHyJm08e0ddfNtsmWSPyedjnIraOL+cG4lZgr0mAJmK/A1K2i+enoVQFiLitxieEeavtahTrJau5rr5BGqZFwAfwtdbSJOk4DrgexamwBnuaZL0wIGAQAB" )  ; ----- DKIM key mail for my.example.com

Using different DKIM checkers, I get information such as:

DNS query failed for 'mail._domainkey.my.example.com':NXDOMAIN
A public-key (p=) is required
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=my.example.com; s=mail; t=1516097701; bh=WBgqksrfs7F0OzQkyE7LiZPHyfFFhl7N4CNav2f5YVw=; h=Date:To:Subject:From:From; b=nlLoX/6Me+yXljyGp2YDsojBYLEq7dgCt1PHcsvD2A5fh76pbWoJsM9kkm6ytn16z
     M/re5tI5UQzHOVu7oM7cB11zPHkhFl1efvV5mr+FfedglmFHtew/FsvFwjf/P/3Kld
     /h/rs26aPmOsFduTtlwUja532pmiyXInGiUsFzzM=
Signed-by: admin@my.example.com
Expected-Body-Hash: WBhgpZjQs7F2OzQkyE7LiZPHyflshl7N4CNav2f5VVw=

DKIM-Result: permerror (no key)

Please note (as title says) that I have had these DNS settings up and running for a week now and the error persists.

What am I missing? I've read all the comments and no one seems to be getting the same error as me. If they did have a similar issue, it was resolved from typos.

Thank you in advance!

Be the first one to answer this question.