Small Tech Stack logo
Small Tech Stack logo

All articles

Email Authentication for Blackbaud's eTapestry service (DKIM)Updated a year ago

I helped a client through the DKIM setup process for Blackbaud's eTapestry service and I must say that their support is terrible.  Each time we asked them for the required DKIM record, they would provide only one piece of the DKIM record such as the selector, or the public key (not the entire DKIM value... just the key without the key type present.

Combine this with the face that their turn-around time for answering our question was 2+ days.

We were finally able to discover that they had been sending us pieces of TWO very different DKIM records that are required to get eTapestry to work correctly.  as you can see, they even use a different RSA key length.  (I've slightly munged the keys below)

Hopefully seeing this stuff in one place might help someone down the road


BASIC DKIM Record

Hostnamesm._domainkey
Valuev=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFRc1p
tX+tghFKqwlP919+lBQrBYIIiZHSfnytwhriGVrHsMV60ladzXXuwb
l/NecTmtI8eMHCJNXCURlNbpaEzjJ71FEBau6vhRH2yDt5tYuUIZW
nnyi/UBNHOqoKLRjenEX2b1CLKpS86cNUHVcrgOkEs2FIEVwj+a7DMoawIDAQAB

* The public key (p) will obviously be different for every client

ADVANCED DKIM Record

Hostnamefsjzbekhxgaooscgluvgxoikxpuc._domainkey
Valuev=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7
HoNy9LcofSmLBptycq71WSh4RS46Sjfp1w0XuAjE4or9SPBsh/6tZ1saLKROAPd
Qu+epBpwMrZbYs6gh7aRD3CH6dYjSUoBmbo39THuYgEEC0akz4+XWJx83n
F4Nm4L4xqPJj29RcQ85EBW7lW0u0UPsoaPviU2E0LPk6byEdA3qrHD++GfdqV
WvDreM7P9Fx/0Hf5qcS0rPrEH+po82sE/E9efLA+cTFwA/MLW3gASJteX0tkB
noygGTxUEZ5MU93mMeK0LpMQ8fmj6IH753QTlZrapgaqqZFjGKHwXI7TTUdIv8p
CU164T0Q+NycL3iozyDdmsAhu4jxSJjdkQIDAQAB

* The Hostname and public key (p) will obviously be different for every client


Was this article helpful?
Yes
No