appleserveradmin

Q: DKIM Add to DNS txt Record

Hi Folks,

 

I have a DKIM key to add and the service provider that I am using instructs me to put in the host name as "Host/Name: api._domainkey ".
However I cannot put underscore "_" in the server's DNS entry. So,is there any proper way to do this? I can successfully put SPF as a txt record though.


Any help is appreciated.

 

Best Regards,
Pyie

Mac Pro, OS X Server

Posted on Mar 15, 2016 8:27 PM

Close

Q: DKIM Add to DNS txt Record

  • All replies
  • Helpful answers

  • by John Lockwood,Solvedanswer

    John Lockwood John Lockwood Mar 16, 2016 3:48 AM in response to appleserveradmin
    Level 6 (9,324 points)
    Servers Enterprise
    Mar 16, 2016 3:48 AM in response to appleserveradmin

    You need to hand edit the DNS server file. As you have found the Server.app program does not allow this.

     

    First temporarily turn off the Mac DNS server in Server.app

    Then launch Terminal.app and edit the appropriate file in -

     

    /Library/Server/named/

     

    e.g. db.yourdomain.com

     

    Then add a line in that file looking like the following but with your values.

     

    _domainkey.yourdomain.com.               10800 IN TXT      "t=y; o=~; r=postmaster@yourdomain.com"

     

    Note: You might have to do this both on your Mac DNS server and also on an external DNS server managed by your Internet provider, this depends on how your domain is setup.

     

    Finally use Server.app to start your Mac DNS server again, it will then re-read the DNS files including the above addition.

  • by appleserveradmin,

    appleserveradmin appleserveradmin Mar 16, 2016 4:09 PM in response to John Lockwood
    Level 1 (0 points)
    Mar 16, 2016 4:09 PM in response to John Lockwood

    Thanks a lot! This solved the problem.
    This is what I did.


    I needed to put both SPF and DKIM to my DNS Record.

    For SPF is fairly simple,you can just use the server GUI.
    Now,left with the DKIM but my DKIM host name i"api._domain" and apple server GUI wouldn't allow me to put in the underscore "_".
    So,I go to /Library/Server/named/db.yourdomainname.com
    Use "sudo" to edit that file.
    At the last line(or wherver you want), I put the following
    "api._domainkey.mydomainname.com.      10800 IN TXT      "0=~" api._domainkey.mydomainname.com TXT "v=DKM1; k=rsa;t=s;p=restofthekey""

     

    *Note : My provider is elasticemail and they gave me one private key.

  • by semtexx,

    semtexx semtexx Sep 22, 2016 6:18 AM in response to appleserveradmin
    Level 1 (4 points)
    Sep 22, 2016 6:18 AM in response to appleserveradmin

    It seems that macOS 10.12 with Server 5.2 breaks support for DKIM as none of the outgoing mails are being signed. Anyone has found how to fix this with Server 5.2?

  • by jjennings089,

    jjennings089 jjennings089 Sep 23, 2016 10:27 PM in response to semtexx
    Level 1 (18 points)
    Sep 23, 2016 10:27 PM in response to semtexx

    Can confirm; I have tried every guide on setting up DKIM signing and it never works. I had it working on many past versions of Server so it must either be a software bug or a new configuration I'm missing.

  • by jjennings089,

    jjennings089 jjennings089 Sep 27, 2016 5:33 PM in response to semtexx
    Level 1 (18 points)
    Sep 27, 2016 5:33 PM in response to semtexx

    I finally found the error in amavisd that wasn't keeping the originating variable. You will need to edit amavisd in VI adding it at line 22852

    $msginfo->originating(c('originating'));

    Restart amavisd

    Be sure to copy your original amavisd as a backup.