I followed the excellent article: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy to set up DKIM on my server. I created the two TXT records exactly as required. My domain is called realassurance.com. However the authentication check using a test email to: firstname.lastname@example.org returns the following in the DKIM section stating that mail._domainkey.realassurance.com doesn’t exist (see below), when it does. Having read as many blog articles as I could find about this I have ensured the text is in quotes and I am sure it is not a propagation issue as I used mxtoolbox.com (and other similar online tools) to check for mail._domainkey.realassurance.com which was found as a TXT record ok.
Also I note in the report below, it reports the DNS record as TXT (NXDOMAIN) - whatever that means.
No idea what to do next. Can someone please help?
Result: permerror (key “mail._domainkey.realassurance.com” doesn’t exist) ID(s) verified: Canonicalized Headers: to:email@example.com’0D’‘0A’ from:John’20’firstname.lastname@example.org’0D’‘0A’ subject:test’0D’‘0A’ date:Sun,‘20’23’20’Apr’20’2017’20’15:53:34’20’+0800’0D’‘0A’ dkim-signature:v=1;'20’a=rsa-sha256;'20’c=relaxed/simple;'20’d=realassurance.com;'20’s=mail;'20’t=1492934013;'20’bh=frcCV1k9oG9oKj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;'20’h=To:From:Subject:Date:From;'20’b=
Canonicalized Body: ‘0D’‘0A’
DNS record(s): mail._domainkey.realassurance.com. TXT (NXDOMAIN)
NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25’s PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.