# DKIM DNS entry



## cbrace (Dec 19, 2014)

Hi all,

I installed mail/opendkim and got it working with mail/postfix without much difficulty. That is to say, my outgoing mails now include an DKIM entry in the header.

However, I can't seem to get the corresponding DNS entry working properly so that remote servers can verify the DKIM.

I'm using what seems in general to be the default selector, "mail". So, at my hosting company, transip.nl, I created this entry for one of my domains:


```
Name: mail._domainkey.nuj-netherlands.nl
Type: TXT
Value: "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC54UGWZmOfphYNVJ1zrDuFWc2caAU7FSTO/XeBN8Bcr1MUT2GcI1hEbw6s/CloLNknEzgo7Zzrls4cmcgDRuGbtXxhHoA8Z6CLYyMrgEyyjE+SyHk860ASH9T6pGzDPWsDHV8O8bIg5AP9Nd34YMtWryJAXJMouYcFDiCs0PV/5wIDAQAB"
```
But it isn't working. Neither of these can verify it:
DomainKey Policy Record Tester
DomainKey Selector Record Tester

On the command line, this doesn't return the dkim entry:

```
$ drill mail._domainkey.nuj-netherlands.nl txt
```
What am I missing here?

Thanks


----------



## SirDice (Dec 19, 2014)

Keep in mind it may take a while (even hours) for changes to a DNS zone file to be replicated throughout the rest of the internet.


----------



## cbrace (Dec 19, 2014)

Thanks, but I did this yesterday and set the TTL for this TXT entry to five minutes.


----------



## AndyUKG (Dec 22, 2014)

Hi,

  your DNS entries look ok to me, try testing here instead:

http://dkimcore.org/c/keycheck

also try just emailing yourself to a freemail account and checking the mail headers for the DKIM part,

thanks, Andy.


----------



## cbrace (Dec 22, 2014)

It's working now. The first time I added TXT records, I used the wrong name. I tried editing that field but it made no difference. I finally deleted the entries and re-entered them -- and this time they were visible within a few minutes.


----------

