Change DKIM selector from 'default'

kpmedia

Well-Known Member
Feb 13, 2011
87
1
56
USA, Europe
cPanel Access Level
Root Administrator
cPanel sets all servers up to use "default". That's a problem if you use several severs to send mail, and they all insist on being "default".

Where's the setting to change the default selector used by the server? If not in WHM, what needs to be edited (and likely restarted) via SSH?

Using EXIM and Dovecot -- the cPanel default mail servers.
 
Last edited:
  • Like
Reactions: Gino Viroli

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

There is no native functionality available to customize the default DKIM records. However, you should be able to implement a manual workaround. Could you provide more details about the specific records you need to configure and your specific server setup?

Also, feel free to open a feature request for the ability to customize DKIM records at:

Submit A Feature Request

Thank you.
 

kpmedia

Well-Known Member
Feb 13, 2011
87
1
56
USA, Europe
cPanel Access Level
Root Administrator
- Right now the DKIM selector = "default" ... ie, "default._domainkey.mydomain.com" and signed by the server as "default"
- I want it set to "anything" (else)

I'm not sure what else you're after.

cPanel has to specify the key somewhere -- I just don't know where. I didn't write the software. It's likely an easy edit somewhere in the config files.

Forcing us to use "default" is not at all compliant with DKIM specs. It has selectors on purpose. If it's can't be changed, that's serious design flaw.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
I was unable to find any internal documentation supporting the ability to modify the default entry used for DKIM. You are welcome to open a support ticket so we can take a closer look:

Submit A Ticket

You can post the ticket number here so we can update this thread with the outcome.

Thank you.
 

artfei

Registered
Feb 20, 2014
1
1
3
cPanel Access Level
Root Administrator
Hi all.

If anyone is still interested in this there are lines in /etc/exim.conf file

dkim_remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$original_domain}lsearch{/etc/mailips}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$original_domain}lsearch{/etc/mailhelo}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
dkim_domain = $sender_address_domain
dkim_selector = default
dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
dkim_canon = relaxed

To have different selectors for different domains you may simply change it from default to ${dkim_domain} or try to configure your own variables.

With the above I now have:

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=nagios.domain.com; s=mydomain.com;
h=Date:From:Message-Id; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=

Sure with this you should have domainkey TXT record like

mydomain.com._domainkey.mydomain.com
 
  • Like
Reactions: Ana Blake