Open AnoopAlias opened 6 years ago
What does bind, nsd or PowerDNS do in this case?
@abh
Following is bind's response from the dig tool:
;; QUESTION SECTION:
;default._domainkey.lemurstack.com. IN TXT
;; ANSWER SECTION:
default._domainkey.lemurstack.com. 14263 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" "m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB;"
The entry in bind's DB file is as follows:
default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB\;
I tried to split this in geoDNS and it is providing 2 responses when queried, but it doesn't seem to be valid. Online DKIM tester tools all return errors.
If the TXT record is given in its entirety, geoDNS does not provide a response and the log says the 255-byte length is exceeded.
Thanks a bunch for looking into this.
On Apr 24, 2018, at 0:48, Anoop P Alias notifications@github.com wrote:
> I tried to split this in geoDNS and it is providing 2 responses when queried, but it doesn't seem to be valid. Online DKIM tester tools all return errors.
Hm. My best guess is that GeoDNS randomizes the order. The easiest fix is probably to teach it to split long txt records and preserve the order in that case.
@abh - geoDNS automatically handling the long TXT record would be fabulous.
geoDNS does not support TXT records with more than 255 chars. But I am facing issues in splitting up a very big DKIM record.
xyz: { "txt" : [" firstpartof string","secondpart"]}
This seems to work and geoDNS provides the 2 records in the query, but the DKIM is shown as invalid.
Is there a way to add such a DKIM record? All the notes I have read say that if we just pass the 2 records, the client DKIM checker must concatenate and use them.
https://kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html
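Added example, not part of the original thread and not GeoDNS code: how one long DKIM value is carried as several length-prefixed character-strings inside a single TXT record, and how a verifier rejoins them in wire order. The function names `splitTXT`, `packTXT` and `joinTXT` are hypothetical, and the sample value is constructed, not a real key.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// splitTXT cuts a long TXT value into ordered chunks of at most 255 bytes.
func splitTXT(value string) []string {
	var chunks []string
	for len(value) > 255 {
		chunks = append(chunks, value[:255])
		value = value[255:]
	}
	return append(chunks, value)
}

// packTXT builds one TXT RDATA; the one-byte length prefix is the 255 limit.
func packTXT(chunks []string) ([]byte, error) {
	var rdata []byte
	for _, c := range chunks {
		if len(c) > 255 {
			return nil, errors.New("character-string longer than 255 bytes")
		}
		rdata = append(append(rdata, byte(len(c))), c...)
	}
	return rdata, nil
}

// joinTXT concatenates the strings in wire order with no separator.
func joinTXT(rdata []byte) (string, error) {
	var sb strings.Builder
	for len(rdata) > 0 {
		n := int(rdata[0])
		if n+1 > len(rdata) {
			return "", errors.New("truncated character-string")
		}
		sb.Write(rdata[1 : n+1])
		rdata = rdata[n+1:]
	}
	return sb.String(), nil
}

func main() {
	value := "v=DKIM1; k=rsa; p=" + strings.Repeat("A", 392) // constructed
	rdata, _ := packTXT(splitTXT(value))
	joined, _ := joinTXT(rdata)
	fmt.Println(len(rdata), joined == value)
}
```

If the same chunks reach the verifier in a different order, the rejoined value no longer matches the published key, which is why order has to be preserved when a long value is split.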