diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
index c822c9f27a7eee6f67b243e8293b2666ee9264b9..a22e7fc5dc84ab40c72446dd9f2fc04e088143ab 100644
--- a/interface/web/mail/mail_domain_edit.php
+++ b/interface/web/mail/mail_domain_edit.php
@@ -699,7 +699,7 @@ class page_action extends tform_actions {
 			if ( ($selector || $dkim_private || $dkim_active) && $dkim_active )
 				//* create a new record only if the dns-zone exists
 				if ( isset($soa) && !empty($soa) ) {
-					$this->update_dns($this->dataRecord, $soa);
+					$this->update_dns($this->dataRecord, $soa, $this->oldDataRecord);
 				}
 			if (! $dkim_active) {
 				// updated existing dmarc-record to policy 'none'
@@ -718,25 +718,20 @@ class page_action extends tform_actions {
 
 	}
 
-	private function update_dns($dataRecord, $new_rr) {
+	private function update_dns($dataRecord, $new_rr, $oldDataRecord = null) {
 		global $app, $conf;
 
-		// purge old rr-record(s)
-		$sql = "SELECT * FROM dns_rr WHERE name LIKE ? AND data LIKE 'v=DKIM1%' AND " . $app->tform->getAuthSQL('r') . " ORDER BY serial DESC";
-		$rec = $app->db->queryAllRecords($sql, '%._domainkey.'.$dataRecord['domain'].'.');
-		if(is_array($rec)) {
-			foreach($rec as $r) {
-				$app->db->datalogDelete('dns_rr', 'id', $r['id']);
+		// Purge old rr-record, incase the selector or domain changed.
+		if (!empty($oldDataRecord)) {
+			$sql = "SELECT * FROM dns_rr WHERE name LIKE ? AND data LIKE 'v=DKIM1%' AND " . $app->tform->getAuthSQL('r') . " ORDER BY serial DESC";
+			$rec = $app->db->queryAllRecords($sql, $oldDataRecord['dkim_selector'].'._domainkey.'.$oldDataRecord['domain'].'.');
+			if(is_array($rec)) {
+				foreach($rec as $r) {
+					$app->db->datalogDelete('dns_rr', 'id', $r['id']);
+				}
 			}
 		}
 
-		// also delete a dsn-records with same selector
-		$sql = "SELECT * from dns_rr WHERE name ? AND data LIKE 'v=DKIM1%' AND " . $app->tform->getAuthSQL('r');
-		$rec = $app->db->queryAllRecords($sql, '._domainkey.'.$dataRecord['dkim_selector'].'.', $dataRecord['domain']);
-		if (is_array($rec))
-			foreach ($rec as $del)
-				$app->db->datalogDelete('dns_rr', 'id', $del['id']);
-
 		$new_rr['name'] = $dataRecord['dkim_selector'].'._domainkey.'.$dataRecord['domain'].'.';
 		$new_rr['type'] = 'TXT';
 		$new_rr['data'] = 'v=DKIM1; t=s; p='.str_replace(array('-----BEGIN PUBLIC KEY-----','-----END PUBLIC KEY-----',"\r","\n"), '', $this->dataRecord['dkim_public']);