Invalid DKIM Signature

0

I currently have an identity whose name is outflow.agency, it is verified. The DNS I am using is route 53 and that is where the txt record for the DKIM key is located. Recently we realized that our emails are arriving to the spam folder and when I tried to verify through mxtoolbox I found the following DKIM error “Syntax Check The record is not valid” Additionally I did a test with dkimvalidator.com and the result obtained is “public key: syntax error” I would like to know if someone can give me some suggestions please.

Route 53 record settings:

Selector = google._domainkey.outflow.agency Type= TXT Alias = NO TTL = 300 Addressing policy = Simple Value = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRBF00NjISgrr2k7690lJi8NEnThhkO+UoFjF6u0HJXqk2pZj3ziCJTxu4lF69bXQvXIw+7EvGUE+nOWcXa" "HrMUSePDEQ6lzwWXhtEh1DYKA5BhATa24bqpQcPY7CV4IUsZT/IlPCop5r/FZhjTJ0mpdF1h9XkF05NfF6QfwHjG/FOLBwSPp1Z9qxEm+VPWImJb8Gbx4tQ5orgf/" "PH6uO6RSNWZ6OuYeVWAGQcRF35wb6z1MwMjqw+f2bp9tqLD2+m2mvG5Aa8i+IysLx20cJsmr3UV0n893zbuIzZD3b1OoQSrBAxpS9hLhT1WiOVCaYxrv2MRXJ" "HFWQ7q/SxyzoQIDAQAB"

Attached are the results of dkimvalidator:

DKIM Information: DKIM Signature

Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outflow.agency; s=google; t=1724794658; x=1725399458; darn=dkimvalidator.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=2ZaYRW1ZPlaD2rAZ93vC9ynrIhVGPqy6HGFFjYaJ3fTw=; b=ZWD7VG7GdS8Em5NvBZuhZY2Ttx3+uIheQq8cjSWVVgDCHxZHKxpmnPtqZgpo0i0bPzR 5ebD/mqAvYNeICZpMC6wYVm3velH+ReJU+NFqjPzZoYP0KgjcM9oSwWMnRIdXyUZ7l3J QQi5ipiPi06Q8meZG3VLTwlbhv+luzrjxIvak0zaTspvnbVPDXcV+aXqIaapu96d2tIP jytuW0uvwRsQMUjkyCwTvTWWWCJJNXPjgaduSbLW7cgW1yRJ6UbPNW1IRQJ0bvdg4rHj9 6nmkks0NICl4DCNCUaj3NJ08BEQCLfQWhWWvAZVr9HureydbDt0OGvbsoRHUN/CyvdsrJ O67w==

Signature Information: v= Version: 1 a= Algorithm: rsa-sha256 c= Method: relaxed/relaxed d= Domain: outflow.agency s= Selector: google q= Protocol:
bh= 2ZaYRW1ZPlaD2rAZ93vC9ynrIhVGPqy6HGFFjYaJ3fTw= h= Signed Headers: to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to b= Data: ZWD7VG7GdS8Em5NvBZuhZY2Ttx3+uIheQq8cjSWVVgDCHxZHKxpmnPtqZgpo0i0bPzR 5ebD/mqAvYNeICZpMC6wYVm3velH+ReJU+NFqjPzZoYP0KgjcM9oSwWMnRIdXyUZ7l3J QQi5ipiPi06Q8meZG3VLTwlbhv+luzrjxIvak0zaTspvnbVPDXcV+aXqIaapu96d2tIP jytuW0uvwRsQMUjkyCwTvTWWWCJJNXPjgaduSbLW7cgW1yRJ6UbPNW1IRQJ0bvdg4rHj9 6nmkks0NICl4DCNCUaj3NJ08BEQCLfQWhWWvAZVr9HureydbDt0OGvbsoRHUN/CyvdsrJ O67w==

Public Key DNS Lookup

Building DNS Query for google._domainkey.outflow.agency Retrieved this publickey from DNS: “HrMUSePDEQ6lzwWXhtEh1DYKA5BhATa24bqpQcPY7CV4IUsZT/IlPCop5r/FZhjTJ0mpdF1h9XkF05NfF6QfwHjG/FOLBwSPp1Z9qxEm+VPWImJb8Gbx4tQ5orgf/ Validating Signature

result = invalid Details: public key: syntax error

2 Answers
2

Looks like you have some extra quotation marks (") and maybe some whitespace characters in your DKIM value.

I removed the extra quotations marks and whitespace characters from your record and it works for me in Route 53.

You can see my results on MXToolbox DKIM checker using your record.

Copy and paste the following value into your DKIM record and it should work.

"v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRBF00NjISgrr2k7690lJi8NEnThhkO+UoFjF6u0HJXqk2pZj3ziCJTxu4lF69bXQvXIw+7EvGUE+nOWcXaHrMUSePDEQ6lzwWXhtEh1DYKA5BhATa24bqp""QcPY7CV4IUsZT/IlPCop5r/FZhjTJ0mpdF1h9XkF05NfF6QfwHjG/FOLBwSPp1Z9qxEm+VPWImJb8Gbx4tQ5orgf/PH6uO6RSNWZ6OuYeVWAGQcRF35wb6z1MwMjqw+f2bp9tqLD2+m2mvG5Aa8i+IysLx20cJsmr3UV0n893zbuIzZD3b1OoQSrBAxpS9hLhT1WiOVCaYxrv2MRXJHFWQ7q/SxyzoQIDAQAB"

Note: There are quotations marks at the beginning, at the end, and in the middle. This is due to the 256 character limit in Amazon Route 53.
If you need to enter a value longer than 255 characters, break the value into strings of 255 characters or fewer, and enclose each string in double quotation marks (").

profile pictureAWS
Tracy H
answered a month ago
0

To solve the problem just add a pair of double quotes and a space between each string:

"v=DKIM1; k=rsa; p=" "MII...EndofKeyOne" "4tOt...EndofKeyTwo" "5tAi...EndofKeyThree"........

Orlando
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions