Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Click Done.

Multi-string DNS text records may be generated if the key size of the signing key used to generate the 
DNS text records are larger than 1024 bits. This is because not more than 255 characters are allowed in 
a single string of a DNS text record. The DKIM authentication may fail as some of the DNS servers do 
not accept or serve multi-string DNS text records. 

To avoid this scenario, it is recommended that you use double quotes to break up the multi-string DNS 
text record into smaller strings not exceeding 255 bytes. The following is an example.

s._domainkey.domain.com. IN TXT "v=DKIM1;" 

"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQE"

"A4Vbhjq2n/3DbEk6EHdeVXlIXFT7OEl81amoZLbvwMX+bej"

"CdxcsFV3uS7G8oOJSWBP0z++nTQmy9ZDWfaiopU6k7tzoi"

"+oRDlKkhCQrM4oP2B2F5sTDkYwPY3Pen2jgC2OgbPnbo3o"

"m3c1wMWgSoZxoZUE4ly5kPuK9fTtpeJHNiZAqkFICiev4yrkL"

"R+SmFsJn9MYH5+lchyZ74BVm+16Xq2mptWXEwpiwOxWI"

"YHXsZo2zRjedrQ45vmgb8xUx5ioYY9/yBLHudGc+GUKTj1i4"

"mQg48yCD/HVNfsSRXaPinliEkypH9cSnvgvWuIYUQz0dHU;" 

DKIM implementations reassemble DNS text records broken down this way into the full original single 
string before processing them.

Once you have created a signing key, associated it with a domain profile, and generated and inserted the 
DNS text into your authorized DNS, you can test your domain profile. 

Choose Mail Policies > Signing Profiles.

In the Domain Signing Profiles section, in the Test Profile column, click the Test link for the domain 
profile. 

A message is displayed at the top of the page, indicating success or failure. If the test fails, a warning 
message is displayed, including the error text.

All domain profiles on the appliance are exported together in a single text file. 

Choose Mail Policies > Signing Profiles.