DKIM is too long to add txt records

Discussion in 'Tips and tricks' started by eritest, Sep 13, 2018 at 7:28 PM.

  1. eritest

    eritest New Member

    Joined:
    Thursday
    Messages:
    5
    Likes Received:
    0
    S.E:
    2019-03-14 17:32:47
    L.T:
    Regular
    L.C:
    1
    I would like to ask the system how to set the problem of sending domain name DKIM too long, 2048 modified to 1024, dns parsing error, can not exceed 255 characters.


    img:http://prntscr.com/ku2riq
     
  2. frm.mwz

    frm.mwz Well-Known Member

    Joined:
    Mar 8, 2016
    Messages:
    3,385
    Likes Received:
    637
    S.E:
    2018-11-06 14:46:35
    L.T:
    Regular
    L.C:
    6
    All modern DNS admin/registrars are supposed to be able to handle DKIM 2048, what software or registrar is causing this error?
    If you absolutely need to use your current DNS (which demands the shorter DKIM 1024), then create the key elsewhere and copy & paste public and private key into the place where mwz created the longer key and then save & verify it.
     
  3. twisted1919

    twisted1919 Administrator Staff Member

    Joined:
    Dec 27, 2014
    Messages:
    9,409
    Likes Received:
    2,219
  4. frm.mwz

    frm.mwz Well-Known Member

    Joined:
    Mar 8, 2016
    Messages:
    3,385
    Likes Received:
    637
    S.E:
    2018-11-06 14:46:35
    L.T:
    Regular
    L.C:
    6
    Good KB article and link!

    It might be better to allow selecting which size 1024 or 2048 at the creation time where the sending domain is configured, since this would allow to use whatever the DNS/third party supports, since this can differ by each domain/customer. And it is better to have it flexibly as high as possible since some recipient servers mark down when not 2048.

    Also, would be good to have a KB article with a complete list of all custom configuration parameters.

    :)
     
    Last edited: Sep 14, 2018 at 1:10 PM
  5. eritest

    eritest New Member

    Joined:
    Thursday
    Messages:
    5
    Likes Received:
    0
    S.E:
    2019-03-14 17:32:47
    L.T:
    Regular
    L.C:
    1
    'email.custom.dkim.key.size'=> 1024,

    Is it added like this? Can you help me tell me the example and the location I added?thanks

    http://prntscr.com/kue0zh

    The top three domain name service providers in China do not support dkim txt over 255 characters.
    Domain name service provider: aliyun.com, xinnet, cloud.tencent.com
    Dns hosting :dnspod.cn
    They can't add more than 255 characters







     
    Last edited: Sep 14, 2018 at 2:50 PM
  6. twisted1919

    twisted1919 Administrator Staff Member

    Joined:
    Dec 27, 2014
    Messages:
    9,409
    Likes Received:
    2,219
    We try to push people using the most secure option, thus 2048 as default. People should not be able to play with these settings, unless cases like this one ;)

    You forgot the comma, both of your params must have commas at the end, so:
    'param1' => 'value 1',
    'param2' => 'value 2',

    They should. It's customers pressing on them and making them do an effort to support this.
     
  7. eritest

    eritest New Member

    Joined:
    Thursday
    Messages:
    5
    Likes Received:
    0
    S.E:
    2019-03-14 17:32:47
    L.T:
    Regular
    L.C:
    1
    thanks for you.
     

Share This Page