DKIM not working with Mircrosoft
Microsoft still throws up an error saying it can not see the CNAME records. If you look at the images, the undeen CNAME records are identical to the ones in Route 53. Microsoft asked me to ask you. There are no solutions here, hence the post.
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Thank you very much Gary! I added these name servers, will it work, its still propagating
- Goto the mail.adroit-di.com hosted zone
- Expand the Hosted Zone Details at the TOP.
- Make a note of the 4 Name servers
- Goto adroit-di.com zone
- Update the NS record for mail.adroit-di.com with the details from step 3
DO NOT Add any other details. Ensure you remove 8.8.8.8 from ALL records as its not authoritative for your domain.
Then it will work
Looks like its working now.. If I have helped solved your issue, Id apprecaite if you could accept the answer. Cheers Gary
I understand you're having issues with DKIM not working with Microsoft, despite having set up the CNAME records in Route 53. This can be a frustrating situation, but let's try to troubleshoot the problem.
First, it's important to note that DKIM records can sometimes take up to 72 hours to fully propagate across the internet. If you've recently added these records, you may need to wait a bit longer for Microsoft's systems to recognize them.
However, if it's been more than 72 hours, there could be other issues at play:
-
Record format: Ensure that the CNAME records are formatted correctly. Sometimes, DNS providers automatically append the domain name to records, which can cause issues. Double-check that the record names haven't been unintentionally changed or duplicated.
-
DNS propagation: Use a tool like MXToolbox to verify that your DKIM CNAME records are resolving correctly globally. If they're not, there might be an issue with your DNS configuration in Route 53.
-
TXT record queries: Some DNS providers have trouble redirecting CNAME records to TXT records, which is necessary for DKIM. Ensure that your DNS servers can respond to TXT record queries as well as CNAME record queries.
-
Record splitting: If your DKIM key is particularly long, it may need to be split into multiple strings due to DNS protocol limitations of 255 characters per string.
-
Removal of domain name: When creating the DNS record in your zone, try removing your domain name from the record. You may be inadvertently doubling up the domain name, preventing proper resolution.
If you've verified all of these points and the issue persists, you may need to contact AWS Support for more specific guidance based on your account and domain configuration. They can help investigate why Microsoft is unable to see the CNAME records that are visible in your Route 53 configuration.
Sources
How to set a DKIM record for a domain hosted within Route 53 when the mail server is not in AWS | AWS re:Post
Adding DKIM recrods. for verify.. | AWS re:Post
Troubleshooting DKIM problems in Amazon SES - Amazon Simple Email Service
DKIM Verification Stuck in "Pending" for domain | AWS re:Post
I am afraid your subdomain mail.adroit-di.com is not correctly configured.
Do you have NS records in your adroit-di.com zone to point to the name servers for mail.adroit-di.com? As I do not see these.
You can confirm this here too https://dnschecker.org/ns-lookup.php?query=mail.adroit-di.com&dns=google
Soon as you create the NS records, the mail domain will start working
Heres how https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingNewSubdomain.html
Contenuto pertinente
- AWS UFFICIALEAggiornata 6 mesi fa
Afraid again your NS records are incorrect. Each Zone will have its own different set of NS records. Here you have duplicated the NS records for your Zone. adroit-di.com which will not work I am afraid but you are almost here. Remove 8.8.8.8 from ALL your NS Records as this is not valid
To help, Ive Created a new answer with the steps to follow