Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

DKIM and CloudFlare

Discussion in 'E-mail Discussion' started by esports, Feb 21, 2016.

  1. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I moved a parked domain to it's own CPanel account. I deleted all 'old' DKIM keys, generated a new one via CPanel (Authentication tab). The message I got:
    Code:
    default._domainkey    14400    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66" GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB
    I removed the "" and spaces and added the key to CloudFlare. Then I went to WHM, DNS Editor and added the the Dkim there as well.

    When I email @verifier.port25.com
    I get the following answer:

    Code:
    SPF check:          pass
DomainKeys check:   neutral
DKIM check:         permerror
Sender-ID check:    pass
SpamAssassin check: ham

----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         permerror (key "default._domainkey.domain.com" doesn't exist)
ID(s) verified:
Canonicalized Headers:
    content-transfer-encoding:7bit'0D''0A'
    content-type:text/plain;'20'charset=windows-1252;'20'format=flowed'0D''0A'
    in-reply-to:<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
    mime-version:1.0'0D''0A'
    date:Sun,'20'21'20'Feb'20'2016'20'18:25:02'20'+0100'0D''0A'
    message-id:<56C9F2EE.8030300@domain.com>'0D''0A'
    from:name'20'<name@domain.com>'0D''0A'
    references:<1078d5fa795fb3c65593c35233d11737@domain.com>'20'<f016a483cc857ded8f3770536d599592@domain.com>'20'<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
    to:check-auth@verifier.port25.com'0D''0A'
    subject:dkim'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:'20'In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;

Canonicalized Body:

DNS record(s):
    default._domainkey.domain.com. TXT (NXDOMAIN)


-------------------------
    What am I doing wrong? What's the correct process to add a DKIM to CPanel, DNS in WHM and CloudFlare?
     
    #1 esports, Feb 21, 2016
    Last edited by a moderator: Jun 6, 2016
  2. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    262
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Are you sure the domain keys are resolving properly using "dig" from the cloudflare dns cluster ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 syslint, Feb 22, 2016
  3. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I am not sure what you mean. Can you be more specific, in a noob way?

    If it helps, prior moving domain, the cf was resolving the dns correctly.
     
    #3 esports, Feb 22, 2016
  4. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    262
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Run the following command in your shell.

    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 syslint, Feb 22, 2016
  5. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Returns this:

    ;; global options: +cmd
    . 6158 IN NS c.root-servers.net.
    . 6158 IN NS f.root-servers.net.
    . 6158 IN NS m.root-servers.net.
    . 6158 IN NS j.root-servers.net.
    . 6158 IN NS g.root-servers.net.
    . 6158 IN NS l.root-servers.net.
    . 6158 IN NS a.root-servers.net.
    . 6158 IN NS b.root-servers.net.
    . 6158 IN NS d.root-servers.net.
    . 6158 IN NS i.root-servers.net.
    . 6158 IN NS h.root-servers.net.
    . 6158 IN NS e.root-servers.net.
    . 6158 IN NS k.root-servers.net.
    ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 92 ms

    com. 172800 IN NS a.gtld-servers.net.
    com. 172800 IN NS b.gtld-servers.net.
    com. 172800 IN NS c.gtld-servers.net.
    com. 172800 IN NS d.gtld-servers.net.
    com. 172800 IN NS e.gtld-servers.net.
    com. 172800 IN NS f.gtld-servers.net.
    com. 172800 IN NS g.gtld-servers.net.
    com. 172800 IN NS h.gtld-servers.net.
    com. 172800 IN NS i.gtld-servers.net.
    com. 172800 IN NS j.gtld-servers.net.
    com. 172800 IN NS k.gtld-servers.net.
    com. 172800 IN NS l.gtld-servers.net.
    com. 172800 IN NS m.gtld-servers.net.
    ;; Received 487 bytes from my.IP in 103 ms

    I guess this means that I have none. How can I generate one, copy it and add it in WHM & CloudFlare?
    If I click enable / disable in CPanel I do not see the key to copy it
     
    #5 esports, Feb 22, 2016
    Last edited: Feb 22, 2016
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,435
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    Please let us know if this document from CloudFlare is helpful:

    How do I add DKIM records?

    Also, have you used a website such as IntoDNS to verify which name server your DNS records are handled at?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelMichael, Feb 22, 2016
  7. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Thank you for your reply.
    I know how to add the DKIM key to CloudFlare. I don't have a DKIM key to add...

    The nameservers are the ones from CloudFlare. It works ok. I just don't have a DKIM. I need to generate one, add it to DNS Editor in WHM and to CloudFlare. Not sure how to generate one..... (or better said, a new one)

    Edit: I did check intodns . Everything was fine there. The only thing I am missing is a DKIM key which doesn't show up there
     
    #7 esports, Feb 22, 2016
    Last edited: Feb 23, 2016
  8. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Last night I tried again: I activated DKIM in CPANEL, added a new TXT in DNS Editor (WHM) and the same in CloudFlare.

    This is the result I got. Not sure what to do. The "public key" there is also the one displayed when running
    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
    - Removed -

    I also do not understand now what do the DNS entries in the WHM do? So far I know, Cloudflare handles all the DNS so I went on and deleted all DNS from WHM...

    Now I cannot activate / deactivate SPF and DKIM...
     
    #8 esports, Feb 23, 2016
    Last edited by a moderator: Jun 6, 2016
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,435
    Likes Received:
    1,961
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You don't need to add an additional TXT record to the DNS zone on the cPanel server after enabling DKIM via the "Authentication" option in cPanel. This option automatically adds the DNS record for you. Thus, you simply need to copy the record over to CloudFlare. Please ensure you remove any existing TXT records for this DKIM entry in cPanel, and then enable DKIM through cPanel. You can obtain the record by viewing the zone file through "WHM >> Edit DNS Zone" or via this command:

    Code:
    cat /var/named/domain.com.db
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 cPanelMichael, Feb 23, 2016
  10. PHILLIP BOOTH

    PHILLIP BOOTH Member

    Joined:
    Dec 6, 2015
    Messages:
    10
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    This is what you are using

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66"
    GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB

    Change it to this

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB"

    The key is broken down into multiple parts remove the " in the middle and join the string together and then add the " to the end

    so 66" Gr

    becomes 66Gr
     
    #10 PHILLIP BOOTH, Feb 25, 2016
    Saxtus likes this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - DKIM CloudFlare
  1. Bananenbaas

    DKIM Invalid using Cloudflare

    Bananenbaas, May 12, 2017, in forum: E-mail Discussion
    Replies:
    3
    Views:
    1,731
    Bananenbaas
    Jun 9, 2017
  2. bluecup

    New Thread How do I correctly apply DKIM and SPF?

    bluecup, Dec 11, 2018 at 3:48 AM, in forum: E-mail Discussion
    Replies:
    3
    Views:
    239
    GOT
    Dec 13, 2018 at 9:10 AM
  3. smiles-s

    DKIM and SPF for Aliases

    smiles-s, Dec 10, 2018 at 5:17 AM, in forum: E-mail Discussion
    Replies:
    1
    Views:
    214
    cPanelLauren
    Dec 12, 2018 at 12:22 PM
  4. RobinF28

    SOLVED DKIM for 'root' user, to avoid emails going to spam

    RobinF28, Dec 8, 2018 at 12:54 PM, in forum: E-mail Discussion
    Replies:
    2
    Views:
    312
    RobinF28
    Dec 10, 2018 at 5:29 PM
  5. swbrains

    Automatic SPF/DKIM record generation for parked domain

    swbrains, Nov 26, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    219
    cPanelLauren
    Nov 28, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice