domain keys and name-checking
D. Stussy
spam at bde-arc.ampr.org
Fri Oct 17 20:37:59 UTC 2008
"aklist" <aklist_bind at enigmedia.com> wrote in message
news:gdaoll$tu3$1 at sf1.isc.org...
> Hi All: I have a domain I'm authoritative for, in Bind 9.5.0-p1.
>
> I'm trying to bring up a mailserver in the domain that uses domain-keys,
and
> the server's tech support staff sent me a domain key to add as a text
record
> for the domain.
>
> This is the first domain I ever was required to set up domain-keys for.
The
> domain key has a syntax like:
>
> server._domainkey.domain.com. IN TXT "k=rsa; p=[very long string]"
>
> When I try to reload the zone, I get a log error:
>
> 17-Oct-2008 09:40:30.816 general: error: db.domain.com:18:
> server._domainkey.domain.com: bad owner name (check-names)
> 17-Oct-2008 09:40:30.816 general: error: zone domain.com/IN/external:
> loading from master file db.domain.com failed: bad owner name
(check-names)
>
> The server's support people are telling me "the current release of BIND
> doesn't seem to like underscores and you need to disable name-checking in
> BIND"
>
> Is that correct? If so, can I disable name-checking for a particular
domain?
It works for me.
The underscore is a valid character in labels, but not in hostnames. Do you
have any other records owned by or under the _domainkey label?
More information about the bind-users
mailing list