Hi All
As noted in my other missive on fixing missing records in a domain health check.
There is an issue with double-quoting TXT records in CPanel / WHM using the old Edit DNS Zone versus the new DNS Zone Manager.
Specific issue:
On a DNSOnly server I was running the PowerDNS domain check (I have snipped the irrelevant text to minimise line length issues. ):
[Warning] Parsed and original record content are not equal:
default._domainkey.clientdomain.com IN TXT
'"v=DKIM1; k=rsa; p=MIIBIjAN<snip>lMG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEF<snip>xOtEmwFWlfWQIDAQAB\;'
Content parsed as
'"v=DKIM1; k=rsa; p=MIIBIjAN<snip>lMG7jlZ0ayj+L" "FH6nusvV/87HxNugBuviQcMaEF<snip>xOtEmwFWlfWQIDAQAB\;"')
Checked 19 records of 'clientdomain.com', 0 errors, 1 warnings.
When I studied it closely the actual TXT record was being formatted slightly differently with the double quote marks.
Messing around with different combinations of double-quote / no double-quote I can see a pattern, but it indicates that the different Zone editors in Cpanel are treating double-quotes differently to the way PowerDNs does and results in the parsing warning.
Copying the DKIM record from the Edit DNS Zone field shows:
"v=DKIM1; k=rsa; p=MIIBIjANB<snip>pgC/Q1UGPWxpvuGlgBH65lCI7JQQ2EihxeDwE3HzErKVUn3CeW9FDNkp<snip>MG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEFjYc1AGgQ<snip>h+e6nwHhXM5/xOtEmwFWlfWQIDAQAB\;
Note the opening quote " and closing mid-string at +L" which is followed by a space which wraps in my editor and then the rest of the string follows without any further quote marks.
Modifying the zone record to have no quotes or spaces generates this as a record:
v=DKIM1
Yep, the double-quotes are in-use. Redoing it with the full string, no space or quote in the middle and closing the quote at the very end returns the quote & space mid-string as previously:
"v=DKIM1; k=rsa; p=MIIBIjANB<snip>pgC/Q1UGPWxpvuGlgBH65lCI7JQQ2EihxeDwE3HzErKVUn3CeW9FDNkp<snip>MG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEFjYc1AGgQ<snip>h+e6nwHhXM5/xOtEmwFWlfWQIDAQAB\;
So apparently the Edit DNS Zone field management cannot handle the DKIM record length and breaks it with a wrap in double-quotes mid-string and a space before completing the rest of the string.
The issue is that with PowerDNS on the DNSOnly server that it syncs to, is that the PowerDNS check utility parses it as an error, (see above), where it is wrapping the second part of the string in quotes as well.
So I then go to the new DNS Zone Manager and check the records, they are all shown without quotes, which suggests that the display is inconsistent with the actual record content. Further, having saved and sync'd the zone with the new tool, the DNSOnly server pdns check utility still displays the same warning with the parsing error.
This is beyond my need to understand, but if you are seeing this warning and wondering why, this experience may help.
As noted in my other missive on fixing missing records in a domain health check.
There is an issue with double-quoting TXT records in CPanel / WHM using the old Edit DNS Zone versus the new DNS Zone Manager.
Specific issue:
On a DNSOnly server I was running the PowerDNS domain check (I have snipped the irrelevant text to minimise line length issues. ):
[Warning] Parsed and original record content are not equal:
default._domainkey.clientdomain.com IN TXT
'"v=DKIM1; k=rsa; p=MIIBIjAN<snip>lMG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEF<snip>xOtEmwFWlfWQIDAQAB\;'
Content parsed as
'"v=DKIM1; k=rsa; p=MIIBIjAN<snip>lMG7jlZ0ayj+L" "FH6nusvV/87HxNugBuviQcMaEF<snip>xOtEmwFWlfWQIDAQAB\;"')
Checked 19 records of 'clientdomain.com', 0 errors, 1 warnings.
When I studied it closely the actual TXT record was being formatted slightly differently with the double quote marks.
Messing around with different combinations of double-quote / no double-quote I can see a pattern, but it indicates that the different Zone editors in Cpanel are treating double-quotes differently to the way PowerDNs does and results in the parsing warning.
Copying the DKIM record from the Edit DNS Zone field shows:
"v=DKIM1; k=rsa; p=MIIBIjANB<snip>pgC/Q1UGPWxpvuGlgBH65lCI7JQQ2EihxeDwE3HzErKVUn3CeW9FDNkp<snip>MG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEFjYc1AGgQ<snip>h+e6nwHhXM5/xOtEmwFWlfWQIDAQAB\;
Note the opening quote " and closing mid-string at +L" which is followed by a space which wraps in my editor and then the rest of the string follows without any further quote marks.
Modifying the zone record to have no quotes or spaces generates this as a record:
v=DKIM1
Yep, the double-quotes are in-use. Redoing it with the full string, no space or quote in the middle and closing the quote at the very end returns the quote & space mid-string as previously:
"v=DKIM1; k=rsa; p=MIIBIjANB<snip>pgC/Q1UGPWxpvuGlgBH65lCI7JQQ2EihxeDwE3HzErKVUn3CeW9FDNkp<snip>MG7jlZ0ayj+L" FH6nusvV/87HxNugBuviQcMaEFjYc1AGgQ<snip>h+e6nwHhXM5/xOtEmwFWlfWQIDAQAB\;
So apparently the Edit DNS Zone field management cannot handle the DKIM record length and breaks it with a wrap in double-quotes mid-string and a space before completing the rest of the string.
The issue is that with PowerDNS on the DNSOnly server that it syncs to, is that the PowerDNS check utility parses it as an error, (see above), where it is wrapping the second part of the string in quotes as well.
So I then go to the new DNS Zone Manager and check the records, they are all shown without quotes, which suggests that the display is inconsistent with the actual record content. Further, having saved and sync'd the zone with the new tool, the DNSOnly server pdns check utility still displays the same warning with the parsing error.
This is beyond my need to understand, but if you are seeing this warning and wondering why, this experience may help.
Last edited:
