[GH-ISSUE #96] "Check Records" says CNAME default._domainkey record not found #692

New issue

Closed

opened 2026-03-14 10:10:42 +03:00 by kerem · 15 comments

kerem commented 2026-03-14 10:10:42 +03:00

Owner

Copy link

Originally created by @crazy-max on GitHub (Nov 9, 2020).
Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/96

Hi,

When I want to "Check Records" I've got:

CNAME default._domainkey record not found. This could be due to DNS caching, please try again later.

But the record exists on Namecheap:

Am I missing something?

Originally created by @crazy-max on GitHub (Nov 9, 2020). Original GitHub issue: https://github.com/anonaddy/anonaddy/issues/96 Hi, When I want to "Check Records" I've got: ``` CNAME default._domainkey record not found. This could be due to DNS caching, please try again later. ``` But the record exists on Namecheap:  Am I missing something?

kerem closed this issue 2026-03-14 10:10:47 +03:00

kerem commented 2026-03-14 10:10:53 +03:00

Author

Owner

Copy link

@h-town commented on GitHub (Nov 16, 2020):

Your DKIM should be configured as a TXT type record that returns a string of data led with v=DKIM1; k=rsa; p=

<!-- gh-comment-id:728388102 --> @h-town commented on GitHub (Nov 16, 2020): Your DKIM should be configured as a TXT type record that returns a string of data led with _v=DKIM1; k=rsa; p=_

kerem commented 2026-03-14 10:10:58 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Nov 17, 2020):

Is this for self-hosting or on app.anonaddy.com?

<!-- gh-comment-id:728848719 --> @willbrowningme commented on GitHub (Nov 17, 2020): Is this for self-hosting or on app.anonaddy.com?

kerem commented 2026-03-14 10:11:03 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Nov 17, 2020):

@willbrowningme Yes self-hosting with our Docker image

<!-- gh-comment-id:728882394 --> @crazy-max commented on GitHub (Nov 17, 2020): @willbrowningme Yes self-hosting with our Docker image

kerem commented 2026-03-14 10:11:09 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Nov 19, 2020):

@crazy-max do you have config('anonaddy.domain') set correctly?

$def = collect(dns_get_record('default._domainkey.' . $this->domain . '.', DNS_CNAME))
    ->contains(function ($r) {
        return $r['target'] === 'default._domainkey.' . config('anonaddy.domain');
    });

if (!$def) {
    return response()->json([
        'success' => false,
        'message' => 'CNAME default._domainkey record not found. This could be due to DNS caching, please try again later.'
    ]);
}

Those are the lines that performs the check in the code.

<!-- gh-comment-id:730341062 --> @willbrowningme commented on GitHub (Nov 19, 2020): @crazy-max do you have `config('anonaddy.domain')` set correctly? ```php $def = collect(dns_get_record('default._domainkey.' . $this->domain . '.', DNS_CNAME)) ->contains(function ($r) { return $r['target'] === 'default._domainkey.' . config('anonaddy.domain'); }); if (!$def) { return response()->json([ 'success' => false, 'message' => 'CNAME default._domainkey record not found. This could be due to DNS caching, please try again later.' ]); } ``` Those are the lines that performs the check in the code.

kerem commented 2026-03-14 10:11:14 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Nov 19, 2020):

@willbrowningme

do you have config('anonaddy.domain') set correctly?

Yes

Those are the lines that performs the check in the code.

I think that's the issue. On Namecheap host and target cannot be the same for CNAME:

So default._domainkey / default._domainkey.example.com. does not work.
That's why I've used default._domainkey / example.com..

<!-- gh-comment-id:730417789 --> @crazy-max commented on GitHub (Nov 19, 2020): @willbrowningme > do you have config('anonaddy.domain') set correctly? Yes > Those are the lines that performs the check in the code. I think that's the issue. On Namecheap host and target cannot be the same for CNAME:  So `default._domainkey` / `default._domainkey.example.com.` does not work. That's why I've used `default._domainkey` / `example.com.`.

kerem commented 2026-03-14 10:11:19 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jan 7, 2021):

@crazy-max is this issue still present?

<!-- gh-comment-id:756207611 --> @willbrowningme commented on GitHub (Jan 7, 2021): @crazy-max is this issue still present?

kerem commented 2026-03-14 10:11:24 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Jan 7, 2021):

@willbrowningme Yes (0.6.2):

DNS records on Namecheap:

WDYT about what I said in https://github.com/anonaddy/anonaddy/issues/96#issuecomment-730417789?

<!-- gh-comment-id:756290336 --> @crazy-max commented on GitHub (Jan 7, 2021): @willbrowningme Yes (0.6.2):   DNS records on Namecheap:  WDYT about what I said in https://github.com/anonaddy/anonaddy/issues/96#issuecomment-730417789?

kerem commented 2026-03-14 10:11:29 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jan 7, 2021):

Thanks for the screenshots. Hmm, I've not used namecheap to set DNS records before.

Please could you try the following CNAME record:

Host: default._domainkey
Value: default._domainkey.yourdomain.com

Notice the missing period (full-stop) for the value of the record.

I'm not sure why namecheap wouldn't allow that since the host and value are different.

<!-- gh-comment-id:756300890 --> @willbrowningme commented on GitHub (Jan 7, 2021): Thanks for the screenshots. Hmm, I've not used namecheap to set DNS records before. Please could you try the following CNAME record: Host: default._domainkey Value: default._domainkey.yourdomain.com Notice the missing period (full-stop) for the value of the record. I'm not sure why namecheap wouldn't allow that since the host and value are different.

kerem commented 2026-03-14 10:11:34 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Jan 7, 2021):

@willbrowningme Like I said in https://github.com/anonaddy/anonaddy/issues/96#issuecomment-730417789, I can't:

default._domainkey = default._domainkey.example.com. does not work.
Only I can do is default._domainkey = example.com..

<!-- gh-comment-id:756346587 --> @crazy-max commented on GitHub (Jan 7, 2021): @willbrowningme Like I said in https://github.com/anonaddy/anonaddy/issues/96#issuecomment-730417789, I can't:  `default._domainkey` = `default._domainkey.example.com.` does not work. Only I can do is `default._domainkey` = `example.com.`.

kerem commented 2026-03-14 10:11:39 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jan 7, 2021):

I just tried to add that record with a domain I have on namecheap and it seems to have worked.

<!-- gh-comment-id:756355000 --> @willbrowningme commented on GitHub (Jan 7, 2021): I just tried to add that record with a domain I have on namecheap and it seems to have worked. 

kerem commented 2026-03-14 10:11:44 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Jan 7, 2021):

With the same domain as the zone?

Zone: example.com
CNAME: default._domainkey = default._domainkey.example.com.

<!-- gh-comment-id:756376699 --> @crazy-max commented on GitHub (Jan 7, 2021): With the same domain as the zone? Zone: `example.com` CNAME: `default._domainkey` = `default._domainkey.example.com.`

kerem commented 2026-03-14 10:11:49 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jan 8, 2021):

Okay, I think I understand the issue now.

So let's say you are self-hosting AnonAddy on the domain maindomain.com.

This domain should have default._domainkey set with an actual DKIM value e.g. "v=DKIM1;h=sha256;k=rsa;...."

Then say you want to add a custom domain through the domains page called customdomain.com.

This customdomain.com should have a default._domainkey record of default._domainkey.maindomain.com. so that it uses the same signing key as the maindomain.

In your example above if you are trying to add example.com as a custom domain then the record should point to the default._domainkey on the main domain hosting AnonAddy.

<!-- gh-comment-id:756649262 --> @willbrowningme commented on GitHub (Jan 8, 2021): Okay, I think I understand the issue now. So let's say you are self-hosting AnonAddy on the domain `maindomain.com`. This domain should have `default._domainkey` set with an actual DKIM value e.g. `"v=DKIM1;h=sha256;k=rsa;...."` Then say you want to add a custom domain through the domains page called `customdomain.com`. This `customdomain.com` should have a `default._domainkey` record of `default._domainkey.maindomain.com.` so that it uses the same signing key as the maindomain. In your example above if you are trying to add `example.com` as a custom domain then the record should point to the `default._domainkey` on the main domain hosting AnonAddy.

kerem commented 2026-03-14 10:11:54 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Jan 8, 2021):

Yes in my case I don't have a custom domain but only use the main domain and I have defined this main domain in the anonaddy interface. Maybe I should not?

This domain should have default._domainkey set with an actual DKIM value e.g. "v=DKIM1;h=sha256;k=rsa;...."

About that it should be defined as a TXT record right?:

TXT / s1._domainkey / v=DKIM1;t=s;p=

Is there something wrong here in my records?

<!-- gh-comment-id:756816186 --> @crazy-max commented on GitHub (Jan 8, 2021): Yes in my case I don't have a custom domain but only use the main domain and I have defined this main domain in the anonaddy interface. Maybe I should not?  > This domain should have `default._domainkey` set with an actual DKIM value e.g. `"v=DKIM1;h=sha256;k=rsa;...."` About that it should be defined as a TXT record right?: `TXT` / `s1._domainkey` / `v=DKIM1;t=s;p=`  Is there something wrong here in my records?

kerem commented 2026-03-14 10:12:00 +03:00

Author

Owner

Copy link

@willbrowningme commented on GitHub (Jan 8, 2021):

That's right, you do not need to add the domain AnonAddy is running on to the domains page as this is seen as the main domain. So if I was using example.com to host AnonAddy I would not add example.com to the domains page too as it will already have been setup in /etc/postfix/main.cf during installation.

You can add ANONADDY_ADMIN_USERNAME=johndoe or whatever your username is to your .env file and that will allow your main domain to act as a catch-all.

I'm not sure what your _domainkey record with a value of t=y; o=-; is?

<!-- gh-comment-id:756820357 --> @willbrowningme commented on GitHub (Jan 8, 2021): That's right, you do not need to add the domain AnonAddy is running on to the domains page as this is seen as the main domain. So if I was using `example.com` to host AnonAddy I would not add `example.com` to the domains page too as it will already have been setup in `/etc/postfix/main.cf` during installation. You can add `ANONADDY_ADMIN_USERNAME=johndoe` or whatever your username is to your `.env` file and that will allow your main domain to act as a catch-all. I'm not sure what your `_domainkey` record with a value of `t=y; o=-;` is?

kerem commented 2026-03-14 10:12:05 +03:00

Author

Owner

Copy link

@crazy-max commented on GitHub (Jan 8, 2021):

That's right, you do not need to add the domain AnonAddy is running on to the domains page as this is seen as the main domain.

Ok got it thanks

I'm not sure what your _domainkey record with a value of t=y; o=-; is?

I'm currently in test mode for DKIM. I have to add support for it in our Docker image (anonaddy/docker#35).

<!-- gh-comment-id:756992269 --> @crazy-max commented on GitHub (Jan 8, 2021): > That's right, you do not need to add the domain AnonAddy is running on to the domains page as this is seen as the main domain. Ok got it thanks > I'm not sure what your _domainkey record with a value of t=y; o=-; is? I'm currently in test mode for DKIM. I have to add support for it in our Docker image (anonaddy/docker#35).

kerem referenced this issue 2026-03-14 11:36:02 +03:00

[GH-ISSUE #692] Transparency Report & Canary Request #1055

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

v1.5.0

v1.4.1

v1.4.0

v1.3.8

v1.3.7

v1.3.6

v1.3.5

v1.3.4

v1.3.3

v1.3.2

v1.3.1

v1.3.0

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v0.14.1

v0.14.0

v0.13.13

v0.13.12

v0.13.11

v0.13.10

v0.13.9

v0.13.8

v0.13.7

v0.13.6

v0.13.5

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.1

v0.10.0

v0.9.1

v0.9.0

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.5

v0.7.4

v0.7.3

v0.7.2

v0.7.1

v0.7.0

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.0

v0.3.0

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/anonaddy#692

No description provided.