SES DKIM CNAME Record in Route53 Hosted Zone won't Propagate - others will
0
Created a hosted zone in Route 53 and updated NS in Godaddy to new zone NS servers:
; <<>> DiG 9.10.6 <<>> -t NS onejustice.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26363
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;onejustice.org. IN NS
;; ANSWER SECTION:
onejustice.org. 172800 IN NS ns-1460.awsdns-54.org.
onejustice.org. 172800 IN NS ns-1944.awsdns-51.co.uk.
onejustice.org. 172800 IN NS ns-931.awsdns-52.net.
onejustice.org. 172800 IN NS ns-106.awsdns-13.com.
;; ADDITIONAL SECTION:
ns-106.awsdns-13.com. 97988 IN A 205.251.192.106
ns-106.awsdns-13.com. 97362 IN AAAA 2600:9000:5300:6a00::1
ns-1460.awsdns-54.org. 97965 IN A 205.251.197.180
ns-1460.awsdns-54.org. 99830 IN AAAA 2600:9000:5305:b400::1
ns-1944.awsdns-51.co.uk. 98337 IN A 205.251.199.152
ns-1944.awsdns-51.co.uk. 100366 IN AAAA 2600:9000:5307:9800::1
ns-931.awsdns-52.net. 97899 IN A 205.251.195.163
ns-931.awsdns-52.net. 98467 IN AAAA 2600:9000:5303:a300::1
;; Query time: 119 msec
;; SERVER: 2001:558:feed::1#53(2001:558:feed::1)
;; WHEN: Mon Apr 22 13:30:49 MDT 2024
;; MSG SIZE rcvd: 356
Adding CNAME records for SES DKIM verification and one specific record is not resolving but the others are.
Resolved Record:
; <<>> DiG 9.10.6 <<>> -t CNAME a6q675g7oifc6cuo72aad7xnp3o32srg._domainkey.onejustice.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14706
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;a6q675g7oifc6cuo72aad7xnp3o32srg._domainkey.onejustice.org. IN CNAME
;; ANSWER SECTION:
a6q675g7oifc6cuo72aad7xnp3o32srg._domainkey.onejustice.org. 1800 IN CNAME a6q675g7oifc6cuo72aad7xnp3o32srg.dkim.amazonses.com.
;; Query time: 156 msec
;; SERVER: 2001:558:feed::1#53(2001:558:feed::1)
;; WHEN: Mon Apr 22 13:32:12 MDT 2024
;; MSG SIZE rcvd: 152
Unresolved Record:
; <<>> DiG 9.10.6 <<>> -t CNAME f7ym57tjf727ox66lt5o2e3lj65jhygo._domainkey.onejustice.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35927
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;f7ym57tjf727ox66lt5o2e3lj65jhygo._domainkey.onejustice.org. IN CNAME
;; Query time: 140 msec
;; SERVER: 2001:558:feed::1#53(2001:558:feed::1)
;; WHEN: Mon Apr 22 13:32:26 MDT 2024
;; MSG SIZE rcvd: 87
I've recreated the record and set the TTL to 300 - all three DKIM verification records have been set to that. This one is a mystery to me and any help would be appreciated!
--
**This is the SES DKIM Record value:
**
**This is the R53 record details:
**
No Answers
- Newest
- Most votes
- Most comments
Relevant content
- asked 7 months ago
- Accepted Answerasked 5 years ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
Not sure why that one record is not propagating.
I would suggest deleting all the three records and generate a new set of DKIM CNAME records and try verifying them.