Configuring DKIM using DNS and hosting on VPS
Your DKIM selector is.. odd.
d=example.com; s=default.domainkey;
While this is perfectly valid..
Periods are allowed in selectors and are component separators. [..] In a DNS implementation, this can be used to allow delegation of a portion of the selector namespace.
.. because DKIM keys are stored in a subdomain named "_domainkey" it is unusual to have the selector also contain "domainkey". If you really wanted that as a selector, you would place the key at default.domainkey._domainkey.example.com
- I did not notice at first because I confirmed the key at default._domainkey.example.com
.
Recommendation: Remove the extra domainkey
out of the two such labels. Only use periods in the selector if intend to make use of how that interfaces with the meaning of dots in DNS context, otherwise it is just an unnecessary source of confusion.
Configure a key with a name actually encoding something that helps remember what this key is or at some later point: was (which is my main reason to recommend things like rsa2021
over default
). Depending on how your mail server is configured, you may want to delete the misplaced key and generate a new one, this time setting a name from the start - this is to avoid other mismatches in the configuration.