I have a domain that I host on my mailcow server, but the website of that domain also uses amazon ses for subscription emails for the domain. Amazon allows you to use your own dkim (BYODKIM), and so I pasted the private key from the mailcow interface for that domain where amazon instructed me to, AFTER making the changes that they asked for:
“You have to delete the first and last lines (—–BEGIN PRIVATE KEY—– and —–END PRIVATE KEY—–, respectively) of the generated private key. Additionally, you have to remove the line breaks in the generated private key. The resulting value is a string of characters with no spaces or line breaks.”
So I pasted this in, made sure that my dkim record supplied by mailcow (with the public key) is working in my dns server and is propagated, but Amazon’s interface still says “pending” many hours later.
Is it possible that the changes Amazon asked for (removing line breaks and first/last lines) would make the key unusable in some way?
They also state that “The private key has to be in PKCS #1 format and use either 1024 or 2048 bit RSA encryption. Additionally, the private key has to be base64 encoded.”
Does anyone know if the private key supplied by mailcow matches the description above? Or have any other suggestions to make this work?
For now, mails sent by amazonses seem to be going through, but I am not sure they are verifying correct dkim sig.