Question
Why are DKIM TXT records split?
Answer
DNS servers have a maximum string length allowed of 255 characters however more than 255 are allowed in the entire DNS record. What needs to be done is each portion of 255 characters needs to be split into double quoted strings. Updated DKIM keys are
An example can be seen here:
default._domainkey 14400 IN TXT "v=DKIM1; k=rsa; p=MIIBIjAASASfhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6VjtjNRQgf357XlPJNNXDbm9Om7rcKaPuyxVt8Yj/xdfhMFqA1S+1AOnKdiFNMlobdBqxy0AbyRNdMQXCXre943bo1GXjMe9jkjZi50LAWdeMUAHaU9W9aqc4PdFBlxWI25LlIE4R9bHgcr5TZu+7c8GuB45WZ9Cj5OmgyKx8tgckvSmHidCkPrUyuXeC79d" fOVfThfDCx6g+D3UpFAhUHnIG5Z0Iepd6W53EPVdsq7tYATh6NdgAR05UYErZGJ9bVqg9KHZDNWcoCYLrYwwSn+3m1J7B1FHD/Kfvgseyn0U+MvL9o7CUiP49R+V4E+Ji4+L2lvPI19wjnupytrxQIDAQAB\;
Notice the record data starting with v=DKIM1 is prefixed with double quotes and ends with XeC79d" and then the rest of the record data is appended after the double quote. This allows the entire 2048-bit key to be entered.
The best way to copy the split data record is to access cPanel then click into "Email Deliverability" and then click manage next to the domain needed. Next scroll to "Suggested “DKIM” (TXT) Record" and click split under the value row. This will enter the quotes where needed. Now click copy and then that can be pasted where needed.
There is no workaround for this and is intended so that a string of characters longer than 255 can be utilized in a DNS data record. If remote DNS server services do not allow the key to be split or do not allow characters to be more than 255 then their support will need to be contacted to address that issue.
Comments
0 comments
Article is closed for comments.