Rio_10
asked on
DKIM CNAME for office 365
Hi Experts,
DKIM CNAME for office 365, i have the 2 values in my godaddy DNS but when I run a DKIM test using DMARC analyzer or MXTOOLBOX it fails
selector1._domainkey.abc.c om
selector1-abc-com._domaink ey.tennant name.onmic rosoft.com
selector2._domainkey.abc.c om
selector2-abc-com._domaink ey.tennant name.onmic rosoft.com
DKIM CNAME for office 365, i have the 2 values in my godaddy DNS but when I run a DKIM test using DMARC analyzer or MXTOOLBOX it fails
selector1._domainkey.abc.c
selector1-abc-com._domaink
selector2._domainkey.abc.c
selector2-abc-com._domaink
You are not giving us much to work with. In general, that's how the records should look like. Have you made sure that they have propagated already, can you resolve the CNAMEs externally and the actual TXT record for the key? Have you enabled it on O365 side, what does Get-DkimSigningConfig show?
ASKER
ok, i got a little futher but im getting an error with MXTOOLBOX but DMARC Analyzer is ok
The correct syntax is
selector1_domainkey
selector1-abc-com._domaink ey.tennant name.onmic rosoft.com
Below is the output for MXTOOLBOX
dkim:abc.com.com:selector1 Find Problems
Error
v=spf1 ip6:fd1d:f5c3:e7c6::/48 -all
ag TagValue Name Description Error
v spf1 ip6:fd1d:f5c3:e7c6::/48 -all Version The DKIM record version. Version MUST have the value of 'DKIM1' (all capitals)
p Public Key Public-key data. The syntax and semantics of this tag value before being encoded in base64 are defined by the (k) tag. Missing from public DNS record
Test Result
DKIM Syntax Check The record is not valid More Info
DNS Record Published DNS Record found
DKIM Record Published DKIM Record found
DKIM Public Key Check Public key is present
The correct syntax is
selector1_domainkey
selector1-abc-com._domaink
Below is the output for MXTOOLBOX
dkim:abc.com.com:selector1
Error
v=spf1 ip6:fd1d:f5c3:e7c6::/48 -all
ag TagValue Name Description Error
v spf1 ip6:fd1d:f5c3:e7c6::/48 -all Version The DKIM record version. Version MUST have the value of 'DKIM1' (all capitals)
p Public Key Public-key data. The syntax and semantics of this tag value before being encoded in base64 are defined by the (k) tag. Missing from public DNS record
Test Result
DKIM Syntax Check The record is not valid More Info
DNS Record Published DNS Record found
DKIM Record Published DKIM Record found
DKIM Public Key Check Public key is present
ASKER
If i look at the DNS domains in Office 365 tenant i see this
TXT
-
selector1-abc.com._domaink ey
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA A4GNADCB..
TXT
-
selector1-abc.com._domaink
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA
Looks like an issue with the MX toolbox validator to me...
No it is an error in the cname...
Appearantly you have connected the DKIM selector (a TXT record starting with v=DKIM1..."
pointing to the SPF record, (which starts with "v=SPF1...) which indeed is not a DKIM selector.
Or the wrong test was specified for MXTOOLBOX.... i do known MXTOOLBOX is not the confused toolkit.
it looks like there is a *.com.com TXT records that contains a spf record....
Maybe try again with more valid data. The *.com.com spf records doesn't hold a microsoft entry as well...
Appearantly you have connected the DKIM selector (a TXT record starting with v=DKIM1..."
pointing to the SPF record, (which starts with "v=SPF1...) which indeed is not a DKIM selector.
Or the wrong test was specified for MXTOOLBOX.... i do known MXTOOLBOX is not the confused toolkit.
it looks like there is a *.com.com TXT records that contains a spf record....
Maybe try again with more valid data. The *.com.com spf records doesn't hold a microsoft entry as well...
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.