Question:
The DKIM (TXT) token value cannot be entered into the relevant field of the DNS Service Provider as the length exceeds the 255 character limit. What is the solution for this scenario?
Answer:
DNS TXT records do have a limitation. Strings must not be longer than 255 Bytes. In this case, it is required to split the string size of the record. Based on DKIM-related specifications, the value can be split up the following way:
"k=rsa; p=[string1]" "[string2]"
An example is as follows:
Original token:
"k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnl9QMzQ745aSdRC/BImVs3GeW2GE4yLdIfB2aDf9fRKsXRMWGrYHcZdtGdjWN2ZoxdIRCIGoxCmrEQMwYFeD9tDxHIa2i3Mr87yJk5vWM4MjMXgGX+DR5EK/TO0++Rzx5rgOEhw8Gzp0aqBoozK2RUlUpaQvCzKzqTdD/1Ua2sM3eYvUOaM61AprWh1KfmOlz3wXIulQqQeS2HFZCxcwDeQrdqpB30WAIRskfY0uzmUSTQfFZRh/TYKChhrJTo9nYkSRKxPLwhJH+n+joL2KuTIyhrbHeWmxkh6BYLTSSum9l3ToeeevTGi7FrvFtkw6z+OZDREv8TIvXFMHK8vsQIDAQAB"
Split token:
"k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnl9QMzQ745aSdRC/BImVs3GeW2GE4yLdIfB2aDf9fRKsXRMWGrYHcZdtGdjWN2ZoxdIRCIGoxCmrEQMwYFeD9tDxHIa2i3Mr87yJk5vWM4MjMXgGX+DR5EK/TO0++Rzx5rgOEhw8Gzp0aqBoozK2RUlUpaQvCzKzqTdD/1Ua2sM3eYvUOaM61AprWh1KfmOlz3wXIulQq" "QeS2HFZCxcwDeQrdqpB30WAIRskfY0uzmUSTQfFZRh/TYKChhrJTo9nYkSRKxPLwhJH+n+joL2KuTIyhrbHeWmxkh6BYLTSSum9l3ToeeevTGi7FrvFtkw6z+OZDREv8TIvXFMHK8vsQIDAQAB"
Notice the quotation marks. This is the format in which particular DNS Service Providers accept this token value.
The following site can be used to split the token: DNS record splitter
After entering the token value into the free text box, check the Use quoted format for Google Cloud DNS checkbox.
- Specific DNS Service Providers do not require a space character between the two strings.
For example, in Amazon Route 53, the DKIM record may be split up in the following way:
"k=rsa; p=[string1]""[string2]" - In case of doubt, be sure to check the documentation or instructions provided by the DNS Service Provider.
Related Documentation:
CRM Help Documentation:
Third-Party Documentation: