Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » DKIM and NetworkSolutions (TXT record too long?)
  •  
jelockwood

Messages: 41
Karma: 1
Send a private message to this user
Our domain is hosted by NetworkSolutions although we run our own Kerio Connect server. I am trying to setup DKIM for our domain. When I initially tried this I had the original 2048bit private key in Kerio (for DKIM) and NetworkSolutions website complained the resulting TXT record was too long.

I therefore followed the instructions here http://kb.kerio.com/product/kerio-connect/server-configurati on/security/configuring-dns-for-dkim-1483.html#sect-getpubli ckey for generating a shorter 1024bit key and have successfully installed it in Kerio Connect and it has resulted in a shorter public key.

Unfortunately even this shorter key is still considered too long by NetworkSolutions, their limit is 256 characters and the shorter public key including the

Record name: mail._domainkey.example.com.
TXT value: v=DKIM1;

stuff is in my case a total of 283 characters.

Does anyone have any experience of using DKIM with NetworkSolutions? Has anyone managed to do so? If they are (as it appears) imposing such a short limit even a short key does not work is the answer to dump them?

Thanks.
  •  
jelockwood

Messages: 41
Karma: 1
Send a private message to this user
Ok, it seems (to a novice DKIM user) that Kerio's instructions are not clear enough.

The TXT record needs to be called

mail._domainkey.example.com

and you need to have the value as the v=DKIM; p=xxxxxxxxxxx

The way the dialog in Kerio Connect is presented it says 'Copy the following text to your DNS for domain example.com' which implies copying and pasting it all as one lump. They should redesign the dialog/message to make it clearer that you should create a TXT record called

mail._domainkey.example.com

and copy and paste the rest as the value. Without the 'Record name: mail._domainkey.example.com.' the rest does now fit within the 256 character limit imposed by NetworkSolutions.

[Updated on: Tue, 07 January 2014 11:41]

  •  
lelandbay

Messages: 22
Karma: -1
Send a private message to this user
We had the same issue with Route 53 (Amazon). You can break up the key like this and still keep it as a 2048 key (I'd recommend doing so):

"mail._domainkey.domain.com. 60 IN TXT "v=DKIM1\;" " p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGi71uhoHo42pt 6Y5bYM " " eLjkzl28vt9A1pmCgnL1U11krhSpDpxGP1oqwrF6tx6BrZO0R/WFhSvbAMiU ws5A " " W3SX9gOlk+1DwDO22iXZ33s+J2IP0tPFFWIrJNoXz+lOaCWsOqsKCEdGnQYm q3iH " " o4r8ch1fMKRg1U0OpxfN3I30bUuwPZkbqNBZ80NUgdH4Xb7EhD5xzQ2tDoLd EGIs " " BMTCDX260QAN6hAr8CW3MwtnKESSYZ2n4f7w4S/F0s1VYmUVx+lWyv1tuUoV qFpP " " 4EK2MMZ26Rxtq82Hxh51RDEuiJBKVP0d+OXiCY7Si5aYIykgfl7z4zG09ATI LG+4xQIDAQAB "
  •  
camisy

Messages: 114
Karma: 12
Send a private message to this user
JFYI; DKIM worked pretty fine for me with domainfactory.com

[Updated on: Sat, 11 January 2014 00:43]

Previous Topic: Relayhost with multiple users
Next Topic: Mobil Devices Restrict Adding unless Authorized by IT
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Aug 18 06:59:17 CEST 2017

Total time taken to generate the page: 0.00365 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.