[GH-ISSUE #108] TXT records of length more than 255 chars #362

New issue

Open

opened 2026-03-13 14:46:58 +03:00 by kerem · 5 comments

kerem commented 2026-03-13 14:46:58 +03:00

Owner

Copy link

Originally created by @AnoopAlias on GitHub (Apr 24, 2018).
Original GitHub issue: https://github.com/abh/geodns/issues/108

geoDNS does not support txt records with more than 255 char . But I am facing issues in splitting up a very big DKIM record .

xyz: { "txt" : [" firstpartof string","secondpart"]}

This seems to work and geoDNS provide the 2 records in query , but the DKIM is shown as invalid

Is there a way around to add such DKIM record, all the notes I have read say ..if we just pass the 2 records, the client DKIM checker must concatenate and use it

https://kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html

Originally created by @AnoopAlias on GitHub (Apr 24, 2018). Original GitHub issue: https://github.com/abh/geodns/issues/108 geoDNS does not support txt records with more than 255 char . But I am facing issues in splitting up a very big DKIM record . xyz: { "txt" : [" firstpartof string","secondpart"]} This seems to work and geoDNS provide the 2 records in query , but the DKIM is shown as invalid Is there a way around to add such DKIM record, all the notes I have read say ..if we just pass the 2 records, the client DKIM checker must concatenate and use it https://kb.isc.org/article/AA-00356/0/Can-I-have-a-TXT-or-SPF-record-longer-than-255-characters.html

kerem commented 2026-03-13 14:47:03 +03:00

Author

Owner

Copy link

@abh commented on GitHub (Apr 24, 2018):

What does bind, nsd or PowerDNS do in this case?

<!-- gh-comment-id:383820247 --> @abh commented on GitHub (Apr 24, 2018): What does bind, nsd or PowerDNS do in this case?

kerem commented 2026-03-13 14:47:08 +03:00

Author

Owner

Copy link

@AnoopAlias commented on GitHub (Apr 24, 2018):

@abh

Following is binds response from dig tool

;; QUESTION SECTION:
;default._domainkey.lemurstack.com. IN	TXT

;; ANSWER SECTION:
default._domainkey.lemurstack.com. 14263 IN TXT	"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" "m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB;"

The entry in binds DB file is as follows

default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB\;

I tried to split this in geoDNS and it is providing 2 response when queried but doesn't seem to be valid. Online DKIM tester tools all return errors.

If the TXT record is given in entire, geoDNS does not provide response and the log says the 255-byte length exceeded

Thanks a bunch for looking into this

<!-- gh-comment-id:383836750 --> @AnoopAlias commented on GitHub (Apr 24, 2018): @abh Following is binds response from dig tool ``` ;; QUESTION SECTION: ;default._domainkey.lemurstack.com. IN TXT ;; ANSWER SECTION: default._domainkey.lemurstack.com. 14263 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" "m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB;" ``` The entry in binds DB file is as follows ``` default._domainkey IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhdA/p6ZekbZYE18fvDtbEK/yqfgtuaZdCZawnLhZ0FikZAYW2+g2dHi0Oa/H/p7yd9RM/BoU1MdsTWtXphfOZgOLhG74UqbON/WWxyebIzbM+z8aD0ACkL6AzQGfESMQVIwcTQ0WHKAiYnrlJIgsW72XQeJJhSIpIaot1BnmBrcwSOKpqP8R3GstKMToeWd+" m8H0PZ1Quos9y4hii4pxBBkTBUq/i6iAezrbAbD51mxwG1uT4r/qh9U5Hz4noQ2Dpz1l14xThs2vQKLqS2odOYJXWH6uPsVSp1yD2jX8746aKlqlUoBmDwP1rLxVsB7ipS0VkHu0rdedusuqFce5wIDAQAB\; ``` I tried to split this in geoDNS and it is providing 2 response when queried but doesn't seem to be valid. Online DKIM tester tools all return errors. If the TXT record is given in entire, geoDNS does not provide response and the log says the 255-byte length exceeded Thanks a bunch for looking into this

kerem commented 2026-03-13 14:47:13 +03:00

Author

Owner

Copy link

@AnoopAlias commented on GitHub (Apr 24, 2018):

I tried recommendations here:

https://serverfault.com/questions/255580/how-do-i-enter-a-strong-long-dkim-key-into-dns

http://hack.limbicmedia.ca/how-to-split-dns-dkim-records-properly/

<!-- gh-comment-id:383838161 --> @AnoopAlias commented on GitHub (Apr 24, 2018): I tried recommendations here: https://serverfault.com/questions/255580/how-do-i-enter-a-strong-long-dkim-key-into-dns http://hack.limbicmedia.ca/how-to-split-dns-dkim-records-properly/

kerem commented 2026-03-13 14:47:19 +03:00

Author

Owner

Copy link

@abh commented on GitHub (Apr 24, 2018):

On Apr 24, 2018, at 0:48, Anoop P Alias notifications@github.com wrote:

I tried to split this in geoDNS and it is providing 2 response when queried but doesn't seem to be valid. Online DKIM tester tools all return errors.

Hm. My best guess is that GeoDNS randomizes the order. The easiest fix is probably to teach it to split long txt records and preserve the order in that case.

<!-- gh-comment-id:383844538 --> @abh commented on GitHub (Apr 24, 2018): > On Apr 24, 2018, at 0:48, Anoop P Alias <notifications@github.com> wrote: > > I tried to split this in geoDNS and it is providing 2 response when queried but doesn't seem to be valid. Online DKIM tester tools all return errors. Hm. My best guess is that GeoDNS randomizes the order. The easiest fix is probably to teach it to split long txt records and preserve the order in that case.

kerem commented 2026-03-13 14:47:24 +03:00

Author

Owner

Copy link

@AnoopAlias commented on GitHub (Apr 24, 2018):

@abh - geoDNS automatically handling the long TXT record would be fabulous.

<!-- gh-comment-id:383845302 --> @AnoopAlias commented on GitHub (Apr 24, 2018): @abh - geoDNS automatically handling the long TXT record would be fabulous.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

copilot/fix-102

avro

dependabot/go_modules/golang.org/x/net-0.7.0

master

godep

docs

geoip6

influxdb

targeting

edns-subnet

v3.4.1

v3.4.0

v3.3.3

v3.3.2

v3.3.1

v3.3.0

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.0

v3.1.0-rc1

v3.0.2

v3.0.1

2.7.0

2.6.0

2.5.0

2.4.0

2.4.4

2.4.1

2.2.8

2.2.7

2.2.6

2.2.5

2.2.4

2.2.3

2.2.2

2.2.1

Labels

Clear labels   

bug

  

bug

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

bug

bug

enhancement

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/geodns#362

No description provided.