dkim: syntax error for 2024b._domainkey and 2024d._domainkey

[vipas84]

sence dns records for 2024b._domainkey and 2024d._domainkey are multy-value, I constantly receiving a parcinr error

Parsing DKIM DNS record for selector "2024d": dkim: syntax error in dkim dns record: not a dkim record: expected at least 1 char Parsing DKIM DNS record for selector "2024b": dkim: syntax error in dkim dns record: not a dkim record: expected at least 1 char

the format of record value probably getting wrong if simply copy+paste from console config output...

What should be the right format for those record values to be parsed correctly by mox?

[vipas84]

guys, please I will apriciate your ideas... i tried dozens of times... and the only idea left is to configure 2024a & 2024c for signature since they are parced by mox without issues...

[mjl-]

The output from the quickstart is in standard zone file format. Software like bind, nsd, etc understand that format. Many DNS operators only provide their own custom web interface for managing DNS records. They have varying requirements for how to input long records. You should at least make sure there is a single TXT record, containing all of the contents of the strings from the quickstart output, without any added whitespace. You could try combining all strings in a single large one, or put all the quoted strings on a single line in the record. But it will depend on what your DNS operator is expecting. Hopefully they have some examples.

If you're on irc/slack/matrix, and I'm around, we can have a look interactively.

With only working ed25519 dkim signatures, quite a few mail operators won't be able to verify your dkim signatures. They simply haven't implemented it...

[vipas84]

Here is the screenshots for "d", if we could have ideas how to solve it, I would solve the same way for "b" I'm using Cloudflare to configure dns-records

[mjl-]

Ah yes, that web interface is expecting a single raw string, without any quotes, newlines or ()'s. So the record value should start with just v=DKIM1;, etc. And you'll have to merge everything on a single line.

[vipas84]

Probably it could be a good idea to generate the signature as a single line - simply to copy and paste

[mjl-]

Probably it could be a good idea to generate the signature as a single line - simply to copy and paste

The problem is that that wouldn't be accepted in DNS zone files. And plenty of DNS operator web interfaces won't accept it either.

Modern email requires quite a few DNS records. I've heard feedback that it's quite a lot of typing/copy-pasting to setup up all the DNS records in a web interface. Some web-based DNS operators have an "import from zone" file (with varying levels of quality)... With the current zone-based suggestions, at least people who can bulk import DNS records will be able to do so. I don't want to generate 2 forms of each DNS record in the quickstart output... The future "mox setup" will be more helpful with suggesting the various forms of DNS records, and can check if the records have been set up correctly.

[vipas84]

Probably I was not clear with insight I wanted to share with you 1) copy&paste a lot of records is much better than compy & paste something that does not work and requires extra processing (remove "", and concantinate strings into a single string) 2) Parcer works differentlt for different records

• for a & c it parces great ""
• for b & d it does not parce ""

Probably its better to remove "" at all or fix parcer for "b" "d" to skip "" and concantinate strings inside ""

[vipas84]

Now, for me set up is done and works, but I've spent 20 hours to try to figure out all the tricks to make it work. So detailed opinionated step-by-step official guide will help new user of mox. I believe its a show stopper of massive adoption of this greate solution: community will not grow beyond few dozens of people... IMHO

[mjl-]

Thanks for the feedback, much appreciated. I agree there are a few too many ways to run into trouble, causing setup to take longer than it should. I think I understand your point about the DNS records. Perhaps the suggested records with the () and ""s (which are valid zone file records) benefit fewer people than having a long record on a single line. I didn't mention it before, but also part of the reason to use valid zone flie syntax is that the integration tests use the quickstart output to configure a dns server to test the resulting setup of a quickstart.

I think the future "mox setup" command will make it easier and less error-prone to setup mox. I'm going to put it higher on the priority list.