View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions DKIM key length
Log in to Ask a Question

DKIM key length

none

Does the Linode DNS system support 2048-bit signing keys for DKIM?

Also, is there an API for setting the value of a DNS TXT record (so I can automate changing my DKIM signing key periodically)?

-- sw

2 Replies

Linode Staff

Hey there,

In short, we don't natively support this in our DNS Manager because there's a 255 character limit. There is a way to break up your keys in the manager so that it will work. It would look something like this:

mail._domainkey    IN    TXT    ("v=DKIM1; k=rsa; s=email; ..."
mail._domainkey    IN    TXT    "$KEY_CONTNUED...")

If you notice, you will need to add ( in the first txt record then finish it with ) in the second record. If you have more than 510 characters, you can make a third record in the middle without parentheses. It would look like this:

mail._domainkey    IN    TXT    ("v=DKIM1; k=rsa; s=email; ..."
mail._domainkey    IN    TXT    $KEY_CONTINUD
mail._domainkey    IN    TXT    "$KEY_CONTNUED...")
Linode Staff

I just wanted to cross-post this other answer regarding DKIM length!

In the recent past our DNS Manager was updated so that it will now automatically split txt values longer than 255 and wrap the resulting strings in double quotes. You will not need to do this manually. Simply insert the complete string into the txt value field and hit save.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct