domain keys and name-checking
aklist
aklist_bind at enigmedia.com
Sat Oct 18 11:51:31 UTC 2008
>>
>> do I need to just make the MX record (right before the domain keys
>> record):
>>
>> domain.com. MX 10 mail
>>
>> or do I also have to prepend "domain.com" to the A record that follows
>> the domain keys record?
>>
>
> You need to move the domainkey record to after the A record. That's
> supposed to be a continuation of all the records for the zone name. Do
> you understand that indenting a line means it inherits the name from the
> previous line?
>
I do now <g>...I always did it without thinking about why it worked, because
it worked!
The question for me now, how do I delegate a subzone in this domain without
named-checkzone grumbling that it's "ignoring out-of-zone data"? I have:
[last A record in zone]
www A aaa.bbb.ccc.41
;
server._domainkey.domain.com. IN TXT "k=rsa; p=[long string]"
;
$ORIGIN sub.domain.com.
server A aaa.bbb.ccc.42
server A aaa.bbb.ddd.12
server A aaa.bbb.ddd.13
server A aaa.bbb.ddd.14
server A aaa.bbb.ddd.15
MX 10 server
;
but I'm still getting the error above for all the subzone A records?
More information about the bind-users
mailing list