search

mail-in-a-box / mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
https://mailinabox.email/
Creative Commons Zero v1.0 Universal
13.98k stars 1.44k forks source link

Cannot use DomainKey with Route53 #656

Open Futurama56 opened 8 years ago

Futurama56 commented 8 years ago

I have followed the instructions here (at bottom) : https://stelfox.net/blog/2014/07/spf-and-dkim-records-in-route-53/

But if appears the DomainKey key is still too long for Route53, even with the special formatting.

Please advise!

aspdye commented 8 years ago

I think this is not an problem by Mail-in-a-Box. You should ask the Amazon AWS Customer Support for help. I dont know if they would provide you any information about this behaviour of their DNS :sweat_smile:

If they would would provide us more information and dependencies about how long the Key should be for using it with Route 53 - then we could integrate this into Mail-in-a-Box.

ghost commented 8 years ago

hi i use the route 53 also its problem about the key is too long the soliton i found here https://stelfox.net/blog/2014/07/spf-and-dkim-records-in-route-53/ just split the key like this "v=DKIM1; k=rsa; t=y; s=email; " "p=MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC2Cwpa/+Xhfkzn0QnyQoxRwoJPb+s51dIt9UtFLMlMFuYa/k3GBwZ7UWeyAaQJ3RibSzKV/YwgFuMrzyISrLNSuL2k1bQlQQG8nl23Mu9Mowcb+mV2/3G7roshK6kOLNA0IV2SBl8/0UoNZR/x7c1lzVtVqdj0vW1SsJzgGfbt4LGRvCPyjdg+SLpYtOd/Li4Y1pvHgSRKQRrklpKeJo" "nJQ4+lXWqzYtuX9xdNH46ck2HUl56Ob4cy3/gYCJBWrAsCAwEAAQ==" its worked for me :) goodluck

ghost commented 8 years ago

I replaced My key With the key in the exemplar and be sure to make at toon for this ( " )the code must look like this "first part" " second part" the second part may be 2 last line of code.

ghost commented 8 years ago

The key look like this when you enter in route53

"v=DKIM1; k=rsa; t=y; s=email; p=MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC2Cwpa/+Xhfkzn0QnyQoxRwoJPb+s51dIt9UtFLMlMFuYa/k3GBwZ7UWeyAaQJ3RibSzKV/YwgFuMrzyISrLNSuL2k1bQlQQG8nl23Mu9Mowcb+mV2/3G7roshK6kOLNA0IV2SBl8/0UoNZR/x7c1lzVtVqdj0vW1SsJzgGfbt4LGRvCPyjdg+SLpYtOd/Li4Y1pvHgSRKQRrklpKeJo" "nJQ4+lXWqzYtuX9xdNH46ck2HUl56Ob4cy3/gYCJBWrAsCAwEAAQ=="

JoshData commented 8 years ago

Someone please document this somewhere...

a-schaefers commented 7 years ago

here you go, https://github.com/mail-in-a-box/mailinabox/issues/1152

alexweissman commented 7 years ago

Another option is to create a separate, 1024-bit key for DNS services that do not support 2048-bit keys. See my post on the Discourse forum: https://discourse.mailinabox.email/t/dkim-signature-header-exists-but-is-not-valid/1968/5?u=alexweissman

The only problem that I'm running into now, is that something seems to be periodically overwriting my KeyTable file, so that it no longer points to the custom DKIM key I created.

alexweissman commented 7 years ago

Actually, it would appear that MIAB itself might be overwriting my KeyTable when it calls do_dns_update: https://github.com/mail-in-a-box/mailinabox/blob/86621392f6870e8734636e628cc725d626441a4d/management/dns_update.py#L93-L94