Score:-1

How long should it take for google to authenticate a DKIM TXT DNS entry?

in flag

enter image description here

Does anyone know how long it takes for google to authenticate a DKIM TXT DNS entry?

The entry sits in AWS Route53 and the record is correctly saved, the record is only on a 10 second TTL.

Google seems to be happy with reading the record.

But... it has been sat like the image now for over 4 hours.

Is it meant to take this long, or does anyone have any tips?

cn flag
For clarity, is there any problem at all?
John avatar
in flag
Maybe then this is the question. Is this what the google interface is meant to look like when authenticating a DKIM? Or should there be an indication that the authentication was a success? It is next to impossible for me to tell if there is or is not anything wrong.
cn flag
To my knowledge, this is what it looks like when DKIM is active, hence "authenticating email". Maybe that is the whole confusion?
John avatar
in flag
Ah right I see.. yes that really confused me. I was expecting some sort of response from the UI to say "all good"... doesn't help things that there is a save button greyed out too :D
djdomi avatar
za flag
to be honstly the question needs more focus. a dns change takes days even on low ttl that any dns on earth knows about the changes
Score:0
cn flag

Provided that you created the resource records correctly the first time, there is no delay. Since have been waiting, that means either you:

  • created a resource record incorrectly,
  • named the resource record incorrectly,
  • did not create the resource record before the first time Google queried for the record (and received NXDOMAIN).

Comments:

  1. Current TTL does not affect previously cached records.

  2. If a previous query received NXDOMAIN, that response (error) is cached. The SOA record indicates how long you will have to wait. This is a common reason for delayed success.

  3. Your question lacks details of what record Google specified and what record you created. Since DNS records are public, there is no need to hide them. Providing those details makes it very simple to tell you what is wrong.

  4. Use Internet-based tools to verify your DMARC/DKIM/SPF records. I use this site and this site.

  5. If the resource records are correct and verified by an external tool and you have waited up to 48 hours with no success, start the process over again with Google.

Suggestion:

You can flush the DNS cache. This can help when incorrect DNS records are cached.

Delete what you have created, flush DNS, and restart the process with Google.

Google DNS Flush Cache

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.