I am running a business site on a computer with a managed hosting company. Everything was working fine until I tried to establish DKIM verification for emails sent from the server. This required adding a TXT record to the DNS information. That TXT record contains an encryption key, so it's a bit over 400 characters long. I couldn't get DKIM working, then discovered that the online DKIM checkers don't retrieve that TXT record accurately. What they retrieve is three or four characters short of the real record, so the record appears invalid. The hosting company has verified this, suspects the problem is in their house, and is working on fixing the problem. Is there a way I can have that one TXT record for the business domain hosted on another server, for example Google's Public DNS? I'm not certain whether this could work. Thanks!
- Show us the domain, else it will be very hard to help you – djdomi Aug 01 '21 at 17:15
- "What they retrieve is three or four characters short of the real record," You may have a problem in how you stored/publish the TXT record (that is limited to strings of 255 bytes of length), so if you had given the record involved people could have seen it and better helped you. – Patrick Mevzek Aug 02 '21 at 17:40
1 Answer
It depends on the exact details. In the cases where a CNAME is valid, you could add a CNAME which you could use to have your records exist in another zone hosted somewhere else.
```
; example.org zone (on bad ISP)
foo.example.org.            IN CNAME foo.delegated.example.org.
delegated.example.org.      IN NS    goodisp-ns1.whatever.
; delegated.example.org has been delegated to other ISP
foo.delegated.example.org.  IN TXT   "blah blah blah ..."
```
But a CNAME wouldn't be valid in all places.
For example you couldn't have it at the root of the zone.
Also, it may be possible that some software that checks the TXT record won't follow a CNAME.

Zoredache
- "Also, it may be possible that some software that checks the TXT record won't follow a CNAME." That software would be wrong as not following the DNS specifications. `CNAME` HAVE TO be followed, no matter what (with some protections to frame the length of CNAME chains and possible loops) – Patrick Mevzek Aug 02 '21 at 17:39
- @PatrickMevzek I agree, that not following the CNAME was wrong. But I am pretty sure I remember something buggy 10-15 years ago that didn't do the right thing. I think I recall the dev was trying to do some super-strict checking and specifically checked for a CNAME in the results and rejected if it was a CNAME. – Zoredache Aug 02 '21 at 19:19
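
The 255-byte string limit raised in the comments on the question, and the truncation the question describes, as an added example (not code from anyone on this page): it splits a long DKIM value into TXT character-strings, round-trips them through wire-format RDATA, and measures how many characters a published copy is missing. The key, the owner name `selector._domainkey.example.org.` and all function names are constructed for illustration.

```python
# Added example. TXT RDATA is a sequence of <character-string>s: one length
# byte followed by at most 255 bytes of data (RFC 1035, section 3.3).
MAX_CHUNK = 255

# Constructed placeholder, not a real key: 18 + 392 = 410 characters.
SAMPLE = "v=DKIM1; k=rsa; p=" + "A" * 392

def split_txt(value):
    """Split a long TXT value into character-strings of <= 255 bytes."""
    raw = value.encode("ascii")
    return [raw[i:i + MAX_CHUNK] for i in range(0, len(raw), MAX_CHUNK)]

def zone_line(owner, chunks):
    """Render one TXT record, one quoted string per chunk.
    Assumes the value holds no double quotes or backslashes."""
    quoted = " ".join('"' + c.decode("ascii") + '"' for c in chunks)
    return owner + " IN TXT ( " + quoted + " )"

def encode_rdata(chunks):
    """Wire format: each chunk prefixed by its one-byte length."""
    out = bytearray()
    for c in chunks:
        if len(c) > MAX_CHUNK:
            raise ValueError("character-string longer than 255 bytes")
        out.append(len(c))
        out += c
    return bytes(out)

def decode_rdata(rdata):
    """Rejoin the strings as a DKIM verifier does: no separator (RFC 6376)."""
    parts, i = [], 0
    while i < len(rdata):
        n = rdata[i]
        chunk = rdata[i + 1:i + 1 + n]
        if len(chunk) != n:
            raise ValueError("RDATA ends inside a character-string")
        parts.append(chunk)
        i += 1 + n
    return b"".join(parts).decode("ascii")

def shortfall(expected, published):
    """Characters missing from the end of published; -1 if it differs otherwise."""
    if not expected.startswith(published):
        return -1
    return len(expected) - len(published)

if __name__ == "__main__":
    chunks = split_txt(SAMPLE)
    print(zone_line("selector._domainkey.example.org.", chunks))
    print(shortfall(SAMPLE, decode_rdata(encode_rdata(chunks))))
```

Passing the value an online checker reports as `published` to `shortfall` gives the exact number of characters lost, which is useful evidence to hand to the hosting company.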