Tagged: BIND

Adding a DKIM record to your DNS

Adding a DKIM record to your DNS is quite simple. Add two txt records like

_domainkey.domain.com          IN TXT o=!;r=postmaster@domain.com
selector._domainkey.domain.com IN TXT v=DKIM1;k=rsa;p=<public key>

Which means:

  • o=~ the server signs some mail
  • o=- all mail is signed, but unsigned mail should be accepted
  • o=! all mail is signed, do not accept unsigned mail
  • t=y I’m still testing
  • v=DKIM1 we use DKIM version 1
  • k=rsa it is a RSA key
  • r=<x@xx> report problems to this email address
  • p=<public key> this is my public key

Hide your version of BIND

To hide your version of bind, enter the following value to your named.conf

version "[NONE]";

in the option section:

options {
directory "/var/lib/bind";
version "[NONE]";

Check the value with this command:

dig @dns.server.tld -c CH -t txt version.bind