DKIM Record In DNS

September 15, 2013 7.5k views
JWH3180
By:
JWH3180
I've been unable to add a DKIM using the Digital Ocean DNS control panel because it exceeds 256 characters. v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLoiRSkXBbu83qXedscb gC7d4kevZRj7eO54SLo4hU/T2kZ1XmuJ203zsa8ejPgG6es7jiSHPOe4OGD5h5Xb 9DkRyOhkTEPe1XjUWU6kXGRy18nHG0iR0cNiNX1VPpFULHEQulkt/mFwN8MDm9Tv YryHcufZ6nM75aJu4an+x4r8lINVd+3GL4SGYhyfDdvH8d3rOefJ1TmjbCcqwkMB rXGjG4PllMhYkTylqCgjST5HQyGrWh6MbyIG0vQv5czf4SehzWeD7qP+0CYEIHW9 BFwZD4OmmZc4DljMaw4x9yIgT41b1XaKnEnw6tnyepJ6CcjR6eoHN0qEioAxFcwu HwIDAQAB Does anyone know if there is a way of getting this to work
Log In to Comment
10 Answers
gd MOD September 15, 2013
you have extra white space in there, get rid of the new line after the ";" and you will also need to put it in quotes
Reply
JWH3180 September 15, 2013
I've removed all the white space but the record is still 403 characters long. I'll log a support ticket and see what DO say

Thanks for your help
Reply
pablo September 16, 2013
@James,

Were you able to get this figured out? I'm sure I'm not the only one that's curious to know if there's a solution.
Reply
kamaln7 MOD September 16, 2013
Try decreasing your DKIM key's size to <255. Let me know if that works.
Reply
JWH3180 September 16, 2013
Hi, I got a response from DO support to say they don't support more than 256 characters and that I'd have to make my own DNS servers using droplets.

Unfortunately I cannot change the DKIM key on the current version of Kerio Connect which is the software i am using for email. The key is generated automatically and I have no control
Reply
kamaln7 MOD September 17, 2013
@James: Please create a uservoice suggestion
Reply
JWH3180 September 21, 2013
thanks I'll do that. Don't get me wrong though I am not complaining, I've moved all the virtual servers from Media Temple and couldn't be happier
Reply
camoatech October 14, 2013
use 1024 keys?
Reply
  • george.levines November 4, 2014

    I'm having this same issue (I think). How does one limit an opendkim key? / what are the costs of doing so. i used sha256...

    i don't know what i'm doing.

kalen January 30, 2015

Anybody figure this out? The key that I've generated from Mandrill is 236 characters. I've pasted it in with quotes around it. Seems to not be validating though.

Reply
info4cf6e724c14 October 23, 2015

I had the same issue following https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy

There were new lines in the key, they had to be removed. Also, one of the new lines had a backslash before it which was treated as new line by digitalocean. The key was 238 characters long and fit alright, so those who have longer keys might try following instruction I followed or remove extra stuff - only the data between quotes should go into the field + new lines and extra quotes should be removed. Example

mail.txt:

mail._domainkey IN TXT "v=DKIM1; k=rsa; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5N3lnvvrYgPCRSoqn+awTpE+iGYcKBPpo8HHbcFfCIIV10Hwo4PhCoGZSaKVHOjDm4yefKXhQjM7iKzEPuBatE7\
O47hAx1CJpNuIdLxhILSbEmbMxJrJAG0HZVn8z6EAoOHZNaPHmK2h4UUrjOG8zA5BHfzJf7tGwI+K619fFUwIDAQAB" ; ----- DKIM key mail for example.com

TXT field should have the following:

"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5N3lnvvrYgPCRSoqn+awTpE+iGYcKBPpo8HHbcFfCIIV10Hwo4PhCoGZSaKVHOjDm4yefKXhQjM7iKzEPuBatE7O47hAx1CJpNuIdLxhILSbEmbMxJrJAG0HZVn8z6EAoOHZNaPHmK2h4UUrjOG8zA5BHfzJf7tGwI+K619fFUwIDAQAB"

How To Install and Configure DKIM with Postfix on Debian Wheezy
by Popute Sebastian Armin
This tutorial will focus on installing and configuring OpenDKIM: an open source implementation of the DKIM sender authentication system.
Reply
Have another answer? Share your knowledge.