Can not activate DKIM for a domain

Problem reported by David - 8/29/2023 at 10:57 AM

Submitted

I have 2 domains on Smartermail. On one, DKIM was activated a long time ago (some much older SM version) and that works.

On another domain I am trying to activate DKIM today. I have put a DNS record, it's active, it's propagated, I can check it with any global propagation tool and all is well.

However, when I go back to Smartermail and click Enable button it starts DNS checking and then reports (again and again): "Before enabling DKIM Email Signing, the TXT record below must be added to your DNS server."

I have done that already many hours ago. I tried regenerating the key and putting a new key in DNS TXT record. Waited for propagation, but still SM doesn't want to activate DKIM. It looks like SM doesn't check DNS properly - it's unable to see that the record exists on my DNS and won't let me activate DKIM.

9 Replies

Reply to Thread

David Replied

8/29/2023 at 11:00 AM

This is the TXT record SM want me to create:
Record name: 8DBA8A503B29CA2._domainKey

Record value: v=DKIM1; k=rsa; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2xQYKyM1+4T/Dr/sx/HgnEA4UFBWdRESxdsegfR7RbuZkWwn5ONC27Xe+RE3lnMkpkfWFvUHgEJmAD6gxchhZyMjZzOtu+KUDgP8se1SlWp129YRq/h4VJOaFECmxdl71dIeqXt6JsyVx2UO+GCbOmSXan0iFja+9MQJANxWkgwIDAQAB

And this is the record that I've created: 8DBA892D3004272._domainkey.lambda.hr

I can check the record via any online DNS tool and confirm that it's added corrently.

> dig 8.8.8.8 8DBA892D3004272._domainkey.lambda.hr TXT +short

"v=DKIM1; k=rsa; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD2xQYKyM1+4T/Dr/sx/HgnEA4UFBWdRESxdsegfR7RbuZkWwn5ONC27Xe+RE3lnMkpkfWFvUHgEJmAD6gxchhZyMjZzOtu+KUDgP8se1SlWp129YRq/h4VJOaFECmxdl71dIeqXt6JsyVx2UO+GCbOmSXan0iFja+9MQJANxWkgwIDAQAB"

Why doesn't SM see the record ? SM is configured to use 8.8.8.8 and 1.1.1.1 for DNS. When I check the record with nslookoup or dig I can see it's there and looks exactly the same as the one above.

I've tried restarting the whole server (in an effort to purge any caches) but nothing helps.

The domain I'm trying to active DKIM on is, obviously, "lambda.hr".

Zach Sylvester Replied

8/29/2023 at 12:02 PM

Employee Post

Hey David,

Thanks for reaching out. Please try the following.

Go to Settings->General
If blank add 1.1.1.1 as primary and 8.8.8.8 as secondary DNS
Save
Try to enable DKIM.

If there are already DNS servers entered in please remove the entries.
Save
add 1.1.1.1 as primary and 8.8.8.8 as secondary DNS
Save
Try to enable DKIM.

Let me know if this helps.

Thanks,

Zach Sylvester System/Network Administrator SmarterTools Inc. (877) 357-6278 www.smartertools.com

David Replied

8/29/2023 at 1:35 PM

Hi Zach,

These DNS server were already in place. I followed your post to:
1. remove them

2. save

3. re-add them

4. save

5. Tried to enable DKIM

Unfortunately that didn't help.

echoDreamz Replied

8/29/2023 at 1:50 PM

I have had a ticket open about this... there really needs to be an "force" option to enable DKIM regardless of DNS check results.

David Replied

8/29/2023 at 1:56 PM

I agree with that. That used to be possible - they changed the UI in newer versions, now it's not possible. Seems like everyone is driving the "dumb users" train...

David Replied

8/30/2023 at 5:19 PM

Well... At some point I pushed the "regenerate keys" button and that changed the required DNS record from 8DBA892D3004272._domainKey to 8DBA8A503B29CA2._domainKey. A slight change, but I missed it, so I created the wrong entry in DNS. So that was the reason it didn't work. But it still took ages for my fix to propagate and I wasn't able to complete this without waiting for a whole day before it finally worked.

What can I say now about "everyone driving the dumb user train"... :)