diff --git a/en_US/howto/2-sign.dkim.signature.for.new.domain.md b/en_US/howto/2-sign.dkim.signature.for.new.domain.md index 34e25b19..17084c8b 100644 --- a/en_US/howto/2-sign.dkim.signature.for.new.domain.md +++ b/en_US/howto/2-sign.dkim.signature.for.new.domain.md @@ -102,14 +102,23 @@ Add one line after `"mydomain.com"` line like below: * Restart Amavisd service. -Again, don't forget to ask your customer to add DKIM DNS record. The value of +Again, don't forget to add DKIM DNS record for this new domain. The value of DKIM record can be checked with command below: ```shell # amavisd-new showkeys ``` -## Use one DKIM key for all mail domains without updating Amavisd config file +After added DKIM DNS record, please verify it with command: + +```shell +# amavisd-new testkeys +``` + +Note: DNS vendor usually cache DNS records for 2 hours, so if above command +shows "invalid" instead of "pass", you should try again later. + +## Use one DKIM key for all mail domains For compatibility with dkim_milter the signing domain can include a '*' as a wildcard - this is not recommended as this way amavisd could produce diff --git a/html/sign.dkim.signature.for.new.domain.html b/html/sign.dkim.signature.for.new.domain.html index 2a77d5af..f85bf8ab 100644 --- a/html/sign.dkim.signature.for.new.domain.html +++ b/html/sign.dkim.signature.for.new.domain.html @@ -14,7 +14,7 @@
Again, don't forget to ask your customer to add DKIM DNS record. The value of +
Again, don't forget to add DKIM DNS record for this new domain. The value of DKIM record can be checked with command below:
# amavisd-new showkeys
-After added DKIM DNS record, please verify it with command:
+# amavisd-new testkeys
+
+
+Note: DNS vendor usually cache DNS records for 2 hours, so if above command +shows "invalid" instead of "pass", you should try again later.
+For compatibility with dkim_milter the signing domain can include a '*' as a wildcard - this is not recommended as this way amavisd could produce signatures which have no corresponding public key published in DNS.