DKIM with Google Domain DNS Hosting

Trying to set up DKIM and I’m failing validation(dmarcian) because google is parsing the public key by appending quotation symbols in the record. When I paste it in the validation tool it fails but when I remove the quotes and line breaks it succeeds. I tried copying/pasting the key without the quotation marks but google automatically adds them back.

Hi Philippe and welcome to the forums.

I have an idea of what you may be seeing, but this will be a guess without being able to see exactly the steps you are taking. Assuming the DKIM record you are publishing is a TXT record and not a CNAME, TXT DNS resource records must be place within quotes in DNS. However, most DNS providers will not require you to insert these quotes, they will be adding them automatically for you.

If you are publishing the record, then copy and pasting the record from a source that then shows the starting and ending quote in our validator, it will fail. as our validator expect DKIM syntax only. For example if we look at one of microsoft.com’s DKIM key by doing a dig lookup.

selector2-microsoft-com._domainkey.microsoft.onmicrosoft.com. 3600 IN TXT “v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPkb8bu8RGWeJGk3hJrouZXIdZ+HTp/azRp8IUOHp5wKvPUAi/54PwuLscUjRk4Rh3hjIkMpKRfJJXPxWbrT7eMLric7f/S0h+qF4aqIiQqHFCDAYfMnN6V3Wbke2U5EGm0H/cAUYkaf2AtuHJ/rdY/EXaldAm00PgT9QQMez66QIDAQAB;”

You may notice the pair of quotes above. While they need to exist in DNS, you leave them out when using our validation tool. The reasoning as they relate to the DNS TXT record spec rather than DKIM specifically.

I hope this relates to what you are seeing, and helps make sense.

-AM