Verify domain with google Postmaster Tools

From SdNOG wiki
Revision as of 12:54, 25 October 2021 by Sara.alamin (talk | contribs) (Troubleshooting)
Jump to navigation Jump to search

How to steps

We have noticed some participants subscribe to sdnog mailing list using gmail accounts. and they do not receive some of the list's email and some being forwarded to the Junk folder. this because the DKIM and DMARC fail with domain

DKIM and DMARK failed.png

so there are many steps need to be fixed , one of them verifying the domain with google Postmaster Tools, and here we will see how could be done.

1. You need to generate a DNS validation key TXT resource record from google Postmaster Tools
using a gmail account. login and the enter domain name you want to verify

Add the domain to be authenticated.png

2. then copy the TXT record and add this to your DNS zone file , and then click on verify.

Add TXT record to DNS.png

3. after few minutes, the domain will be verified.

The Domain has been verified.png


the above steps seems very easy to do. but while we are doing this for we found some issues. We added the TXT record to the zone, but it was not propagated to DNS secondaries:

 $ dig txt
 ;; ANSWER SECTION:		60	IN	TXT	"v=spf1 mx a ip4: ip6:2001:43f8:1f3:a00::12 ~all"

so we noticed not all sdnog secondaries servers are synced, using "dig soa +nssearch" command:

 $ dig soa +nssearch | awk -F ' ' ' {print $4, $10, $11}'
 2021051905 server
 2021051905 server
 2021102409 server
 2021051905 server
 2021102409 server
 2021051905 server
 2021051905 server