DKIM/DomainKey Record Not properly formatted for Plesk (Named)
Problem reported by Matthew Sine - 6/6/2017 at 7:52 AM
Hi Team,
We are in the process of adding Plesk Onyx to our offerings. We have a customer who has migrated to Smartermail 16. When we add the DKIM/DomainKey record to the Plesk interface all goes well... however the zone will not properly transfer to other DNS servers in the cluster.
When we run

named-checkzone localhost /var/named/run-root/var/anywhere.menu


on the command line of the server, we receive:

/var/named/run-root/var/anywhere.menu:27: ignoring out-of-zone data (8D4AC2F1B74A2C3._domainKey.anywhere.menu)

dns_rdata_fromtext: /var/named/run-root/var/anywhere.menu:27: syntax error


zone localhost/IN: loading from master file /var/named/run-root/var/anywhere.menu failed: syntax error


This is an issue, and we have tried this same test on several plesk boxes - even manually editing the zone file and running named-checkzone...


However, when we add the same type of record to Interworx Control Panel (DJBDNS) the record creates properly, and edge servers are properly updated.

If you have any suggestions, they are welcome...


Matthew J. Sine, General Manager8Dweb LLC
"Making the Web a Happy Place"

3 Replies

Reply to Thread
Chinmay Khandekar Replied
Marked As Resolution
Still have this problem even on Smartermail Build 6928 (Dec 20, 2018). Not sure if new help.
Adding ; in the end of the key resolves the out of zone error.


This is for those who come searching here.
Derek Curtis Replied
Employee Post
Hi, Chinmay

Just to be clear, where did you add that semi-colon? Was it in the DNS record? Within Plesk itself? Does the DKIM record validate properly outside of Plesk? Like with MXToolbox?
Derek Curtis COO SmarterTools Inc. (877) 357-6278 www.smartertools.com
Chinmay Khandekar Replied
Hello Derek,
Yes it is valid and comes up properly. is merely a line break or indicator of end to record value. 

For users of cPanel or Plesk:
Take the entire record and add ; in the end. and but them in between double quotes " " if the above doesn't work.

Below this is for Derek and Advanced users for information only:
What cPanel or Plesk does after saving with ; at the end is that it adds \ at the end before Don't be alarmed these are just indicators of end of record or separators.

But records show up without both when you view the same Public Key on MXtoolbox or DmarcAnalyzer

Though just adding p= is not the right approach. As MXToolbox also complains:
The syntax and semantics of this tag value before being encoded in base64 are defined by the (k) tag. 

On dmarcanalyzer.com complains of a missing version:
Unknown DKIM protocol version v=

These are mainly due to unconventional implementations per RFC 5863 the DKIM RFCs. You can find newer  variants here RFC8463 and RFC8301

Which are DKIM Version and Signer missing .
v=DKIM1; k=rsa; p=xyz;

This was there before SmarterMail 17 if I remember correctly.

Specifying the version and the signer are two other aspects of it apart from the key to be compliant with the DKIM standards.

Reply to Thread