Cleaning Up A Generated DKIM Entry for DNS-Webinterfaces
You want to use DKIM, you brave soul? Have you got everything set up? Consequently you asked one of the handy (online) tools spit out a configuration like this:
oachkatzlschwoaf._domainkey IN TXT ( "v=DKIM1; h=sha265; k=rsa; s=email; " "p=YXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYX" "kahdkahsdkahsdkahdkahsdkahskdhakdhakhdkahdkahdkahdkahdkahdkadkahkdh" "ABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABAB==" ) ; ----- DKIM key oachkatzlschwoaf for domain example.com
So how do you get this into the DNS via your hosters webinterface?
For one, you need the „selector” as the „name” of your DNS entry. In this example, that would be „oachkatzlschwoaf._domainkey”.
The „value” of the DNS entry would be everything within the parentheses. As there is a 255-byte maximum length for a string within a single TXT or SPF RR record and according to RFC 4408 „Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail, Version 1” a A domain name MUST NOT have multiple record
, the published key has to be broken up into multiple strings.
This is exactly what those generators already do for you.
So the „value” in the DNS entry would look like this one once a DKIM checker queried the DNS and parsed the result:
v=DKIM1;H=sha265;k=rsa;s=email;p=YXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXYXABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABABAB==
HTH
Tagged as: dkim, howto, knowledge, mail, security, smtp | Author: Martin Leyrer
[Montag, 20170313, 18:52 | permanent link | 0 Kommentar(e)
Comments are closed for this story.