<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hello,</p>
<p>Thank you for your answer.<br>
I apologize to not have put my real domain ; this was the first
time I am asking help on this list andWaht was not confident.</p>
<p>So this is a dump of my zone file :<br>
<font size="-2">;<br>
; BIND data file for local pasteur-cayenne.fr<br>
;<br>
$TTL 604800<br>
@ IN SOA ara.pasteur-cayenne.fr.
hostmaster.pasteur-cayenne.fr. (<br>
2019120809 ;<br>
7200 ;<br>
3600 ;<br>
1209600 ;<br>
86400 ) ;<br>
</font></p>
<p><font size="-2">$TTL 86400 ; 1 day<br>
NS ara.pasteur-cayenne.fr.<br>
NS ns6.oleane.net.<br>
NS ns7.oleane.net.<br>
$TTL 3600 ; 1 hour<br>
MX 0 smtp.pasteur-cayenne.fr.<br>
$ORIGIN pasteur-cayenne.fr.<br>
<br>
@ 86400 IN TXT "v=spf1 a mx -all"<br>
@ 86400 IN SPF "v=spf1 a mx -all"<br>
<br>
; DKIM<br>
; ----- DKIM key 1C8CAD
5A-194F-11EA-BDA2-7FCBBE1B5136 for pasteur-cayenne.fr<br>
<br>
1C8CAD5A-194F-11EA-BDA2-7FCBBE1B5136._domainkey IN TXT
( "v=DKIM1; k=rsa; "<br>
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz9uhHIP6BeOL170uRLNtGD8Al/Dk3RHnB2oqaTpQUYojtnzq+J6CjyTGLlsX1aZk7Nbjxj13vf//O3tASV34QH1ozGEEmHptI953Qk9qLq6AUO+OZ1pkQ+8Z/VqXCbe5GLqDg1+lXI6T3zWN2FQNrUCm4HZ952jrrKSJET2dGYKLp49fUI6LZd15VSwTO+3DKAtpa16gbxbIu"<br>
"Jxo3Jcd/pxQhWUYVmMA0/ZR4H0ZljD2EVGeSnNKNbCB3mOXFKTI/zW8Liqf+HpNs69qcmUvHlTCSokOlp/KT1AcSpfgnqAG3gwiyc2gFM+lgPX8c8bfd+8O64GX3zM17QGwbvf1wIDAQAB"
)</font></p>
<p><font size="-2">; DMARC<br>
_dmarc.pasteur-cayenne.fr IN TXT ( "v=DMARC1; p=none; "<br>
"rua=<a class="moz-txt-link-freetext" href="mailto:dmarc@pasteur-cayenne.fr">mailto:dmarc@pasteur-cayenne.fr</a>; pct=5; "<br>
"sp=none; aspf=r" )</font><br>
</p>
<p><font size="-1"> <font size="-2"> IN NS
ara.pasteur-cayenne.fr.<br>
ara A 186.2.246.17<br>
smtp A 186.2.246.17</font></font></p>
<p>Why my DKIM record is working and not my dmarc record ?</p>
<p>here is the result of command named-checkzone :</p>
<p># named-checkzone pasteur-cayenne.fr
/var/named/external/db.pasteur-cayenne.fr<br>
zone pasteur-cayenne.fr/IN: loaded serial 2019120809<br>
OK</p>
<p>here is my dig test, which return nothing :<br>
<font size="-1"># dig txt +short _dmarc.pasteur-cayenne.fr
@ara.pasteur-cayenne.fr</font></p>
<p>instead dig test for dkim gives :<br>
<font size="-1"># dig txt +short
1C8CAD5A-194F-11EA-BDA2-7FCBBE1B5136._domainkey.pasteur-cayenne.fr
@ara.pasteur-cayenne.fr<br>
"v=DKIM1; k=rsa; "
"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz9uhHIP6BeOL170uRLNtGD8Al/Dk3RHnB2oqaTpQUYojtnzq+J6CjyTGLlsX1aZk7Nbjxj13vf//O3tASV34QH1ozGEEmHptI953Qk9qLq6AUO+OZ1pkQ+8Z/VqXCbe5GLqDg1+lXI6T3zWN2FQNrUCm4HZ952jrrKSJET2dGYKLp49fUI6LZd15VSwTO+3DKAtpa16gbxbIu"
"Jxo3Jcd/pxQhWUYVmMA0/ZR4H0ZljD2EVGeSnNKNbCB3mOXFKTI/zW8Liqf+HpNs69qcmUvHlTCSokOlp/KT1AcSpfgnqAG3gwiyc2gFM+lgPX8c8bfd+8O64GX3zM17QGwbvf1wIDAQAB"</font></p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">Le 10/12/2019 à 10:11, Ondřej Surý a
écrit :<br>
</div>
<blockquote type="cite"
cite="mid:BC43B1F5-3D40-47EB-BC83-E5844ACA2214@isc.org">
<pre class="moz-quote-pre" wrap="">Hi Edouard,
I would start by **not** anonymizing domains you want to help with. What’s the point of using my-domain.fr anyway?
$ dig +short IN TXT pasteur-cayenne.fr
"v=spf1 a mx -all"
There’s no shame in having a problem you can’t solve yourself. We’ve all been there. Disguising the real domain is very often misleading and prevents other people from helping you.
I would start by checking the correctness of the zone file (with named-checkzone) and making sure you bumped the serial number in SOA and you reloaded the zone.
Ondrej
--
Ondřej Surý
<a class="moz-txt-link-abbreviated" href="mailto:ondrej@isc.org">ondrej@isc.org</a>
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">On 10 Dec 2019, at 13:56, Edouard Guigné <a class="moz-txt-link-rfc2396E" href="mailto:eguigne@pasteur-cayenne.fr"><eguigne@pasteur-cayenne.fr></a> wrote:
Dear all,
I am using bind 9.11.4-9.P2 installed on a centos 7 with yum.
I am seting dkim and dmarc record for a mail server.
I succeeded to set the dkim record ( a test with # dig txt + short ... works)
But I am stucked with dmarc record.
I filled my zone file like this :
...
$ORIGIN my-domain.fr.
...
@ 86400 IN TXT "v=spf1 a mx -all"
selector._domainkey IN IN TXT ( "v=DKIM1; k=rsa; "
"p=..." )
_dmarc IN TXT "v=DMARC1; p=none; rua=<a class="moz-txt-link-freetext" href="mailto:dmarc@my-domain.fr">mailto:dmarc@my-domain.fr</a>; pct=5; sp=none; aspf=r"
...
A test with the dig command does not give answer :
# dig txt +short _dmarc.my-domain.fr
May someone help me to make it works ?
Best Regards,
EdG
_______________________________________________
Please visit <a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a>
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
</pre>
</blockquote>
</body>
</html>