Yahoo DomainKeys: Configuration Pitfalls, Tips, and Comments
I've helped a number of people configure their DNS records to support Yahoo Domain Keys over the past several weeks. There are a couple of tips that I'd like to share with the community that I'll post in this thread. I would love to hear any other feedback or comments about the instructions or DNS host requirements and configuration that you had to apply to add the TXT record.
One of the most common points of confusion is that the customer center instruction list the entire TXT record in a single string:
convio1._domainkey 86400 IN TXT "t=y; k=rsa; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKKtPPXbNdvhPWGVXoEShvMYnnHYpUqIo7umzoFTCYynqq9j7WpiTOHqabxteN4igg8ztEZoB6z69JPD5OSN0CAwEAAQ=="
Yet many DNS hosts provide a console or form to submit and edit DNS zone files. If this is the case for your DNS host, a breakdown of the values above is:
Hostname = "convio1._domainkey"
Note that the "convio1" above is actually the selector for the domainkey. If you or another MTA (Mail Transfer Agent) is using DomainKeys on your behalf, you may have multiple TXT records with different selectors.
Also note, that your domain name will be appended to the end of this hostname value. In most cases it seems that DNS host do this for you but I've seen a case or two where you actually have to add the domain name. For ahs.org this would be: "convio1._domainkey.ahs.org"
TTL (Time To Live) = 86400
The above value is 24 hours (in seconds). Some forms may do the math for you and present the options in hours or days.
Value = "t=y; k=rsa; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKKtPPXbNdvhPWGVXoEShvMYnnHYpUqIo7umzoFTCYynqq9j7WpiTOHqabxteN4igg8ztEZoB6z69JPD5OSN0CAwEAAQ=="
It is extremely important that this value has no extra characters or line breaks in it. Not that the quotes above are used just to separate the text, you don't need to include this in the text box that is presented.
The names of the fields may vary from what is listed above, but I hope this breakdown helps.
Comments
-
I wanted to share another tip that some might find helpful: Recently we were working with another client who was having problems getting the Yahoo DomainKey added with their DNS host. The online form that the host provided places to input: Domain, TTL, Record Type, and Value. All of the information seemed to be entered correctly, but the answer section of the Convio DNS checking tool returned:
;; ANSWER SECTION:
convio1._domainkey.ahs.org. 14400 IN TXT "t=y"
In this case, the DNS host: "HostGator," needed to insert the text by special request instead of through the standard interface to avoid truncating. This may be the case with other DNS hosts as well.
0 -
Thought I'd post another tip that I've heard a couple of people run into when setting up the txt records. In this case, the tip applies to configuring the TXT record for the Sender Policy Framework (SPF). The instructions on the customer site refer to an @ symbol in the record. This basically a shortcut or reference to the domain name that the record is being added to. It points to the domain for that record. If a DNS host does not support using an @ symbol in the host name, generally the name of your domain can be used.
0 -
I running into an issues... I was able to updated the SPF records and did the DNS checker got two green check marks. However now some users for example @MAC.com and @ATT.net email accounts are not able to email the domain. When they do they xyz changes to a @rfctu-live.convio.net. This is the CNAME address that convio uses for webhosting... When I took out the new SPF records everything went back to normal?
Any ideas?
Ethan
0 -
>
0 -
Heather McDowell:
>
This is generally the purpose of Yahoo DomainKeys and SenderID - to allow a message to get tied back to a domain and have it be verified as being from someone who owns that domain regardless of where the message is being sent from. It doesn't really matter what server or IP address the message is coming from. The two technologies work differently. An (over)simplified explaination of the two are:
- SenderID - The domains aliases or IP addresses that have permission to send are included in a txt record on the DNS host. When an email server receives a message it checks the SenderID record to find out if the message is from one of those sources.
- DomainKeys - When messages are sent, a digital signature is included in the message. This "signature" needs to match a corresponding value that is placed on in a DNS text record.
0
Categories
- All Categories
- Shannon parent
- shannon 2
- shannon 1
- 21 Advocacy DC Users Group
- 14 BBCRM PAG Discussions
- 89 High Education Program Advisory Group (HE PAG)
- 28 Luminate CRM DC Users Group
- 8 DC Luminate CRM Users Group
- Luminate PAG
- 5.9K Blackbaud Altru®
- 58 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 409 bbcon®
- 2.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- donorCentrics®
- 1.1K Blackbaud eTapestry®
- 2.8K Blackbaud Financial Edge NXT®
- 1.1K Blackbaud Grantmaking™
- 527 Education Management Solutions for Higher Education
- 1 JustGiving® from Blackbaud®
- 4.6K Education Management Solutions for K-12 Schools
- Blackbaud Luminate Online & Blackbaud TeamRaiser
- 16.4K Blackbaud Raiser's Edge NXT®
- 4.1K SKY Developer
- 547 ResearchPoint™
- 151 Blackbaud Tuition Management™
- 61 everydayhero
- 3 Campaign Ideas
- 58 General Discussion
- 115 Blackbaud ID
- 87 K-12 Blackbaud ID
- 6 Admin Console
- 949 Organizational Best Practices
- 353 The Tap (Just for Fun)
- 235 Blackbaud Community Feedback Forum
- 55 Admissions Event Management EAP
- 18 MobilePay Terminal + BBID Canada EAP
- 36 EAP for New Email Campaigns Experience in Blackbaud Luminate Online®
- 109 EAP for 360 Student Profile in Blackbaud Student Information System
- 41 EAP for Assessment Builder in Blackbaud Learning Management System™
- 9 Technical Preview for SKY API for Blackbaud CRM™ and Blackbaud Altru®
- 55 Community Advisory Group
- 46 Blackbaud Community Ideas
- 26 Blackbaud Community Challenges
- 7 Security Testing Forum
- 3 Blackbaud Staff Discussions
- 1 Blackbaud Partners Discussions
- 1 Blackbaud Giving Search™
- 35 EAP Student Assignment Details and Assignment Center
- 39 EAP Core - Roles and Tasks
- 59 Blackbaud Community All-Stars Discussions
- 20 Blackbaud Raiser's Edge NXT® Online Giving EAP
- Diocesan Blackbaud Raiser’s Edge NXT® User’s Group
- 2 Blackbaud Consultant’s Community
- 43 End of Term Grade Entry EAP
- 92 EAP for Query in Blackbaud Raiser's Edge NXT®
- 38 Standard Reports for Blackbaud Raiser's Edge NXT® EAP
- 12 Payments Assistant for Blackbaud Financial Edge NXT® EAP
- 6 Ask an All Star (Austen Brown)
- 8 Ask an All-Star Alex Wong (Blackbaud Raiser's Edge NXT®)
- 1 Ask an All-Star Alex Wong (Blackbaud Financial Edge NXT®)
- 6 Ask an All-Star (Christine Robertson)
- 21 Ask an Expert (Anthony Gallo)
- Blackbaud Francophone Group
- 22 Ask an Expert (David Springer)
- 4 Raiser's Edge NXT PowerUp Challenge #1 (Query)
- 6 Ask an All-Star Sunshine Reinken Watson and Carlene Johnson
- 4 Raiser's Edge NXT PowerUp Challenge: Events
- 14 Ask an All-Star (Elizabeth Johnson)
- 7 Ask an Expert (Stephen Churchill)
- 2025 ARCHIVED FORUM POSTS
- 322 ARCHIVED | Financial Edge® Tips and Tricks
- 164 ARCHIVED | Raiser's Edge® Blog
- 300 ARCHIVED | Raiser's Edge® Blog
- 441 ARCHIVED | Blackbaud Altru® Tips and Tricks
- 66 ARCHIVED | Blackbaud NetCommunity™ Blog
- 211 ARCHIVED | Blackbaud Target Analytics® Tips and Tricks
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- Luminate CRM DC Users Group
- 225 ARCHIVED | Blackbaud eTapestry® Tips and Tricks
- 1 Blackbaud eTapestry® Know How Blog
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)
- 1 Blackbaud K-12 Education Solutions™ Blog
- 280 ARCHIVED | Mixed Community Announcements
- 3 ARCHIVED | Blackbaud Corporations™ & Blackbaud Foundations™ Hosting Status
- 1 npEngage
- 24 ARCHIVED | K-12 Announcements
- 15 ARCHIVED | FIMS Host*Net Hosting Status
- 23 ARCHIVED | Blackbaud Outcomes & Online Applications (IGAM) Hosting Status
- 22 ARCHIVED | Blackbaud DonorCentral Hosting Status
- 14 ARCHIVED | Blackbaud Grantmaking™ UK Hosting Status
- 117 ARCHIVED | Blackbaud CRM™ and Blackbaud Internet Solutions™ Announcements
- 50 Blackbaud NetCommunity™ Blog
- 169 ARCHIVED | Blackbaud Grantmaking™ Tips and Tricks
- Advocacy DC Users Group
- 718 Community News
- Blackbaud Altru® Hosting Status
- 104 ARCHIVED | Member Spotlight
- 145 ARCHIVED | Hosting Blog
- 149 JustGiving® from Blackbaud® Blog
- 97 ARCHIVED | bbcon® Blogs
- 19 ARCHIVED | Blackbaud Luminate CRM™ Announcements
- 161 Luminate Advocacy News
- 187 Organizational Best Practices Blog
- 67 everydayhero Blog
- 52 Blackbaud SKY® Reporting Announcements
- 17 ARCHIVED | Blackbaud SKY® Reporting for K-12 Announcements
- 3 Luminate Online Product Advisory Group (LO PAG)
- 81 ARCHIVED | JustGiving® from Blackbaud® Tips and Tricks
- 1 ARCHIVED | K-12 Conference Blog
- Blackbaud Church Management™ Announcements
- ARCHIVED | Blackbaud Award Management™ and Blackbaud Stewardship Management™ Announcements
- 1 Blackbaud Peer-to-Peer Fundraising™, Powered by JustGiving® Blogs
- 39 Tips, Tricks, and Timesavers!
- 56 Blackbaud Church Management™ Resources
- 154 Blackbaud Church Management™ Announcements
- 1 ARCHIVED | Blackbaud Church Management™ Tips and Tricks
- 11 ARCHIVED | Blackbaud Higher Education Solutions™ Announcements
- 7 ARCHIVED | Blackbaud Guided Fundraising™ Blog
- 2 Blackbaud Fundraiser Performance Management™ Blog
- 9 Foundations Events and Content
- 14 ARCHIVED | Blog Posts
- 2 ARCHIVED | Blackbaud FIMS™ Announcement and Tips
- 59 Blackbaud Partner Announcements
- 10 ARCHIVED | Blackbaud Impact Edge™ EAP Blogs
- 1 Community Help Blogs
- Diocesan Blackbaud Raiser’s Edge NXT® Users' Group
- Blackbaud Consultant’s Community
- Blackbaud Francophone Group
- 1 BLOG ARCHIVE CATEGORY
- Blackbaud Community™ Discussions
- 8.3K Blackbaud Luminate Online® & Blackbaud TeamRaiser® Discussions
- 5.7K Jobs Board