DKIM records properly resolved but empty

0

Hi,
I'm struggling with the DKIM configuration on the SES - the situation is as follows:

  • DKIM: enabled
  • DKIM Verification Status: verified
  • all the three records generated by Amazon are properly resolved from my domain to *.dkim.amazonses.com domains.

However, for 2 out of 3 when I do
"nslookup -q=TXT here_goes_my_id.dkim.amazonses.com"
I get:
Non-authoritative answer:
here_goes_my_id.dkim.amazonses.com text = ""

Only one of them have proper "p=publickey" content set for the text field.
What could be the problem?
This is an old configuration, and I only discovered that due to some delivery issues reported recently.

aws-ms
asked 3 years ago833 views
4 Answers
0
Accepted Answer

Hi,

This is as expected and won't cause delivery issues. Only one record is active at a time; the other 2 are used when keys are rotated.

You can see more details in this blog post: https://aws.amazon.com/blogs/messaging-and-targeting/dkim-troubleshooting-series-your-dkim-status-is-pending/

AWS
answered 3 years ago
profile picture
EXPERT
reviewed 4 months ago
0

Thank you, that explains a lot! :)

aws-ms
answered 3 years ago
0

I have set up everything correctly as well and everything shows as verified. Yet, every time I send out an email and I check its raw source the DKIM fails. It always says DKIM=fail

Why is that happening?

tsader
answered 2 years ago
0

You are replying to an answered thread. Post your question in a new thread. Make sure you provide details of your implementation and configuration.

Edited by: mdibella on Nov 17, 2021 7:06 PM

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions