Change DKIM selector from 'default'

kpmedia

Well-Known Member
Feb 13, 2011
87
1
58
USA, Europe
cPanel Access Level
Root Administrator
cPanel sets all servers up to use "default". That's a problem if you use several severs to send mail, and they all insist on being "default".

Where's the setting to change the default selector used by the server? If not in WHM, what needs to be edited (and likely restarted) via SSH?

Using EXIM and Dovecot -- the cPanel default mail servers.
 
Last edited:
  • Like
Reactions: Gino Viroli

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
Hello :)

There is no native functionality available to customize the default DKIM records. However, you should be able to implement a manual workaround. Could you provide more details about the specific records you need to configure and your specific server setup?

Also, feel free to open a feature request for the ability to customize DKIM records at:

Submit A Feature Request

Thank you.
 

kpmedia

Well-Known Member
Feb 13, 2011
87
1
58
USA, Europe
cPanel Access Level
Root Administrator
- Right now the DKIM selector = "default" ... ie, "default._domainkey.mydomain.com" and signed by the server as "default"
- I want it set to "anything" (else)

I'm not sure what else you're after.

cPanel has to specify the key somewhere -- I just don't know where. I didn't write the software. It's likely an easy edit somewhere in the config files.

Forcing us to use "default" is not at all compliant with DKIM specs. It has selectors on purpose. If it's can't be changed, that's serious design flaw.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,227
463
I was unable to find any internal documentation supporting the ability to modify the default entry used for DKIM. You are welcome to open a support ticket so we can take a closer look:

Submit A Ticket

You can post the ticket number here so we can update this thread with the outcome.

Thank you.
 

artfei

Registered
Feb 20, 2014
1
1
3
cPanel Access Level
Root Administrator
Hi all.

If anyone is still interested in this there are lines in /etc/exim.conf file

dkim_remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$original_domain}lsearch{/etc/mailips}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$original_domain}lsearch{/etc/mailhelo}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
dkim_domain = $sender_address_domain
dkim_selector = default
dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
dkim_canon = relaxed

To have different selectors for different domains you may simply change it from default to ${dkim_domain} or try to configure your own variables.

With the above I now have:

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=nagios.domain.com; s=mydomain.com;
h=Date:From:Message-Id; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=

Sure with this you should have domainkey TXT record like

mydomain.com._domainkey.mydomain.com
 
  • Like
Reactions: Ana Blake
Feb 22, 2017
17
0
1
Hamilton, Bermuda
cPanel Access Level
Root Administrator
Surprised that 7yrs later and we still can't select our own DKIM selector... this needs to be changed. With every system out there forcing default._domainkey down your throat with no way to change it really puts customers at a disadvantage.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,810
894
313
cPanel Access Level
Root Administrator
There is an older feature request that was opened around the time this thread was created, but I don't see that it received any action. I've messaged the email development team and they are going to look into what it would take to make this an option in the future, but obviously there is nothing official yet or no ETA.