Hi, Mike - The value of the TXT record for mysmtp._domainkey.1click-email.com looks a bit dodgy to me: dig is displaying the value enclose within double-quotes. If you look at the end you'll see the value (within the double-quotes) finishes with
\" I can't remember off the top of my head whether the public key can be enclosed within double-quotes in the value, but usually it isn't. Certainly having one double-quote at the end and none at its start is wrong: it's not balanced! Try having a look at our key if you like to see how our public key is listed: dig 20160523.google._domainkey.york.ac.uk. txt Note that because we use a 2048-bit key the value is long so is broken into two parts, each enclosed within double-quotes. However the p= public key value itself is *not* enclosed in double-quotes within the overall record. Cheers, Mike B-) On 31 March 2017 at 17:20, Mike Tubby <[email protected]> wrote: > I'm getting DKIM public key parse errors with a few sites such as > 1click-email.com: > > > 2017-03-31 16:01:25 CONNECT: Accepting connection from: 185.163.190.90 - > not blocked by any RBL > 2017-03-31 16:01:25 HELO: Accepted HELO/EHLO relay843.mysmtp3.com from > remote host: 185.163.190.90 (relay843.mysmtp3.com) > 2017-03-31 16:01:25 MAIL: SPF Result=pass (1click-email.com / > relay843.mysmtp3.com [185.163.190.90]) > 2017-03-31 16:01:25 MAIL: Accept from: bounce-a806-20059-20395-96d520 > [email protected] host: relay843.mysmtp3.com > [185.163.190.90] > 2017-03-31 16:01:25 no IP address found for host localhost.localdomain > (during SMTP connection from relay843.mysmtp3.com [185.163.190.90]) > 2017-03-31 16:01:25 RCPT: SPF Result2=pass (1click-email.com / > relay843.mysmtp3.com [185.163.190.90]) > 2017-03-31 16:01:26 1cty3J-0003DR-Ok DKIM: d=1click-email.com s=mysmtp > c=simple/simple a=rsa-sha256 b=1024 t=1490957772 [invalid - syntax error in > public key record] > > > Digging into it a bit further ;-) I find: > > > root@relay1:/var/log/exim# dig mysmtp._domainkey.1click-email.com txt > > ; <<>> DiG 9.9.5-3ubuntu0.13-Ubuntu <<>> mysmtp._domainkey.1click-email > .com txt > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5348 > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3 > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ;; QUESTION SECTION: > ;mysmtp._domainkey.1click-email.com. IN TXT > > ;; ANSWER SECTION: > mysmtp._domainkey.1click-email.com. 3448 IN TXT "v=DKIM1\; k=rsa\; > p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjhzHudEPNFL21OHfqaD > Z6BR2tHdFanOLg/EdFDIXzBGMBdzNPkYIHlsT/Wj+QVwy81k+0VQ+lnHzNpi > 50R/NE6mzemXTfUROp93iErT8QZsDLCN2Iwyumhh81miit3+362xNgUDF0t3 > C7URff0gsQi61GLsk8JrUuYxvhaDN3AwIDAQAB\"" > > ;; AUTHORITY SECTION: > 1click-email.com. 153782 IN NS ns41.domaincontrol.com. > 1click-email.com. 153782 IN NS ns42.domaincontrol.com. > > ;; ADDITIONAL SECTION: > ns41.domaincontrol.com. 65728 IN AAAA 2607:f208:206::15 > ns42.domaincontrol.com. 65728 IN AAAA 2607:f208:302::15 > > ;; Query time: 0 msec > ;; SERVER: 127.0.0.1#53(127.0.0.1) > ;; WHEN: Fri Mar 31 17:13:11 BST 2017 > ;; MSG SIZE rcvd: 419 > > > > ... and over at ProtoDave.com his DKIM public key checker checks out with > 'success' and says the key is okay. > > > Who to believe? Is Exim correct or ProtoDave correct or is there a corner > case and Exim is being a bit too picky? > > > > Mike > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 <01904%20323811> Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
