我尝试了几种方法(GUI、命令行、带引号、不带引号),但无法将 DKIM 记录添加到 Google DNS。我们正在将所有记录移植到 Google DNS,然后打开 Google DNS(如果我们可以先让它工作的话)。以下是添加记录和执行交易的最后 2 个命令和输出:
Deans-MacBook-Pro:authservice dean$ gcloud dns --project=orderly-gcp record-sets transaction add \"v=DKIM1\;\ k=rsa\;\ p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiC1U9FnYKnw3tJ/kvISikBBAUZWrDYNYV4q0lN\+z7PjVIh5tk86b4jBvFzcR6ug3hD02JNgphEdGbYmFtjjfxN1gXVp61aRM/yJUw2oMNRXsmmUzE4Hl3yUQihJkE\+lvDWZDx\+S4MIb4KlRvdkEmRG4fowQxb4AAXf\+FaKbf8h9VZ3O2KqV18P0OoDjlJMyOOePSnf8Hgsym246M1aIhpBQM34X2/gY4dpBeFXG\+dEWq7TICQEKXKypYIhsJDxCj03jL/ro8AoWyhQ5Lz6H3/g1RIsuzAJtVlmlSoZOn/lyHFKyh/\+kkt/jyrE6DNN7JXTxXZBdE5yKsdG3zkYBqwIDAQAB\" --name=google._domainkey.orderlyhealth.com. --ttl=300 --type=TXT --zone=orderlyhealth
Record addition appended to transaction at [transaction.yaml].
Deans-MacBook-Pro:authservice dean$ gcloud dns --project=orderly-gcp record-sets transaction execute --zone=orderlyhealth
ERROR: (gcloud.dns.record-sets.transaction.execute) HTTPError 400: Invalid value for 'entity.change.additions[1].rrdata[0]': '"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiC1U9FnYKnw3tJ/kvISikBBAUZWrDYNYV4q0lN+z7PjVIh5tk86b4jBvFzcR6ug3hD02JNgphEdGbYmFtjjfxN1gXVp61aRM/yJUw2oMNRXsmmUzE4Hl3yUQihJkE+lvDWZDx+S4MIb4KlRvdkEmRG4fowQxb4AAXf+FaKbf8h9VZ3O2KqV18P0OoDjlJMyOOePSnf8Hgsym246M1aIhpBQM34X2/gY4dpBeFXG+dEWq7TICQEKXKypYIhsJDxCj03jL/ro8AoWyhQ5Lz6H3/g1RIsuzAJtVlmlSoZOn/lyHFKyh/+kkt/jyrE6DNN7JXTxXZBdE5yKsdG3zkYBqwIDAQAB"'
答案1
我尝试添加生成的 DKIM 记录在线的re2.xxx.xxx到我的测试项目中的 测试域:
1582300947.xxx._domainkey.re2.xxx.xxx
v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB
用户界面:
DNS name:
1582300947.xxx._域密钥.re2.xxx.xxx
TXT data:
“v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB”
之后我使用命令检查了 TXT 记录:
$ dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
; <<>> DiG 9.11.5-P4-5.1+build2-Debian <<>> TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36175
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1582300947.xxx._domainkey.re2.xxx.xxx. IN TXT
;; ANSWER SECTION:
1582300947.xxx._domainkey.re2.xxx.xxx. 300 IN TXT "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB"
;; Query time: 28 msec
;; SERVER: 2001:4860:4802:32::6a#53(2001:4860:4802:32::6a)
;; WHEN: Fri Feb 21 17:17:09 CET 2020
;; MSG SIZE rcvd: 310
并且它有效。
命令行:
$ gcloud dns --project=test-prj record-sets transaction start --zone=re2
$ gcloud dns --project=test-prj record-sets transaction add \"v=DKIM1\;t=s\;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809\+iUFrb1Eg3Hlt1KiVsE6/ug\+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw\+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel\+BR\+hbVw/gI/c8VOKqOxH2QIDAQAB\" --name=1582300947.xxx._domainkey.re2.xxx.xxx. --ttl=300 --type=TXT --zone=re2
$ gcloud dns --project=test-prj record-sets transaction execute --zone=re2
Executed transaction [transaction.yaml] for managed-zone [re2].
Created [https://dns.googleapis.com/dns/v1/projects/test-prj/managedZones/re2/changes/3].
ID START_TIME STATUS
3 2020-02-21T16:28:12.667Z pending
并且它也能按预期工作:
$ dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
; <<>> DiG 9.11.5-P4-5.1+build2-Debian <<>> TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11807
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1582300947.xxx._domainkey.re2.xxx.xxx. IN TXT
;; ANSWER SECTION:
1582300947.xxx._domainkey.re2.xxx.xxx. 300 IN TXT "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGban25809+iUFrb1Eg3Hlt1KiVsE6/ug+ifhJ31eYisjcFHVbJ5HE76uuLHXEPnAPfGnAkOo2EWuZSUCOb/8uaI/NMu99vtvXw+egoK8yQ/t0GpY7TGtm/IFRNEHt3W/R98WkQJdygX7vb/9Vel+BR+hbVw/gI/c8VOKqOxH2QIDAQAB"
;; Query time: 28 msec
;; SERVER: 2001:4860:4802:32::6a#53(2001:4860:4802:32::6a)
;; WHEN: Fri Feb 21 17:40:19 CET 2020
dig TXT 1582300947.xxx._domainkey.re2.xxx.xxx @ns-cloud-a1.googledomains.com
更新查看文档有关选择资源记录类型的详细信息:
文本数据,可包含任意文本,也可用于定义机器可读数据,例如安全或滥用预防信息。TXT 记录可能包含一个或多个文本字符串;每个字符串的最大长度为 255 个字符。邮件代理和其他软件代理会连接多个字符串。将每个字符串括在引号中。例如:
“你好世界”“再见世界”
如果您的 DKIM 记录包含超过 255 个字符,则应将其拆分。例如,将 DKIM 密钥拆分为两部分,如下所示:
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraC3pqvqTkAfXhUn7Kn3JUNMwDkZ65ftwXH58anno/bElnTDAd/idk8kWpslrQIMsvVKAe+mvmBEnpXzJL+0LgTNVTQctUujyilWvcONRd/z37I34y6WUIbFn4ytkzkdoVmeTt32f5LxegfYP4P/w7QGN1mOcnE2Qd5SKIZv3Ia1p9d6uCaVGI8brE/7zM5c/"
"zMthVPE2WZKA28+QomQDH7ludLGhXGxpc7kZZCoB5lQiP0o07Ful33fcED73BS9Bt1SNhnrs5v7oq1pIab0LEtHsFHAZmGJDjybPA7OWWaV3L814r/JfU2NK1eNu9xYJwA8YW7WosL45CSkyp4QeQIDAQAB"
除了上述文档外,请检查此文章。