The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DKIM and CloudFlare

Discussion in 'E-mail Discussions' started by esports, Feb 21, 2016.

  1. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I moved a parked domain to it's own CPanel account. I deleted all 'old' DKIM keys, generated a new one via CPanel (Authentication tab). The message I got:
    Code:
    default._domainkey    14400    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66" GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB
    
    I removed the "" and spaces and added the key to CloudFlare. Then I went to WHM, DNS Editor and added the the Dkim there as well.

    When I email @verifier.port25.com
    I get the following answer:

    Code:
    SPF check:          pass
    DomainKeys check:   neutral
    DKIM check:         permerror
    Sender-ID check:    pass
    SpamAssassin check: ham
    
    ----------------------------------------------------------
    DKIM check details:
    ----------------------------------------------------------
    Result:         permerror (key "default._domainkey.domain.com" doesn't exist)
    ID(s) verified:
    Canonicalized Headers:
        content-transfer-encoding:7bit'0D''0A'
        content-type:text/plain;'20'charset=windows-1252;'20'format=flowed'0D''0A'
        in-reply-to:<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
        mime-version:1.0'0D''0A'
        date:Sun,'20'21'20'Feb'20'2016'20'18:25:02'20'+0100'0D''0A'
        message-id:<56C9F2EE.8030300@domain.com>'0D''0A'
        from:name'20'<name@domain.com>'0D''0A'
        references:<1078d5fa795fb3c65593c35233d11737@domain.com>'20'<f016a483cc857ded8f3770536d599592@domain.com>'20'<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
        to:check-auth@verifier.port25.com'0D''0A'
        subject:dkim'0D''0A'
        dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:'20'In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;
    
    Canonicalized Body:
    
    DNS record(s):
        default._domainkey.domain.com. TXT (NXDOMAIN)
    
    
    -------------------------
    
    
    What am I doing wrong? What's the correct process to add a DKIM to CPanel, DNS in WHM and CloudFlare?
     
    #1 esports, Feb 21, 2016
    Last edited by a moderator: Jun 6, 2016
  2. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    249
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Are you sure the domain keys are resolving properly using "dig" from the cloudflare dns cluster ?
     
  3. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I am not sure what you mean. Can you be more specific, in a noob way?

    If it helps, prior moving domain, the cf was resolving the dns correctly.
     
  4. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    249
    Likes Received:
    6
    Trophy Points:
    18
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Run the following command in your shell.

    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
     
  5. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Returns this:

    ;; global options: +cmd
    . 6158 IN NS c.root-servers.net.
    . 6158 IN NS f.root-servers.net.
    . 6158 IN NS m.root-servers.net.
    . 6158 IN NS j.root-servers.net.
    . 6158 IN NS g.root-servers.net.
    . 6158 IN NS l.root-servers.net.
    . 6158 IN NS a.root-servers.net.
    . 6158 IN NS b.root-servers.net.
    . 6158 IN NS d.root-servers.net.
    . 6158 IN NS i.root-servers.net.
    . 6158 IN NS h.root-servers.net.
    . 6158 IN NS e.root-servers.net.
    . 6158 IN NS k.root-servers.net.
    ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 92 ms

    com. 172800 IN NS a.gtld-servers.net.
    com. 172800 IN NS b.gtld-servers.net.
    com. 172800 IN NS c.gtld-servers.net.
    com. 172800 IN NS d.gtld-servers.net.
    com. 172800 IN NS e.gtld-servers.net.
    com. 172800 IN NS f.gtld-servers.net.
    com. 172800 IN NS g.gtld-servers.net.
    com. 172800 IN NS h.gtld-servers.net.
    com. 172800 IN NS i.gtld-servers.net.
    com. 172800 IN NS j.gtld-servers.net.
    com. 172800 IN NS k.gtld-servers.net.
    com. 172800 IN NS l.gtld-servers.net.
    com. 172800 IN NS m.gtld-servers.net.
    ;; Received 487 bytes from my.IP in 103 ms

    I guess this means that I have none. How can I generate one, copy it and add it in WHM & CloudFlare?
    If I click enable / disable in CPanel I do not see the key to copy it
     
    #5 esports, Feb 22, 2016
    Last edited: Feb 22, 2016
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please let us know if this document from CloudFlare is helpful:

    How do I add DKIM records?

    Also, have you used a website such as IntoDNS to verify which name server your DNS records are handled at?

    Thank you.
     
  7. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Thank you for your reply.
    I know how to add the DKIM key to CloudFlare. I don't have a DKIM key to add...

    The nameservers are the ones from CloudFlare. It works ok. I just don't have a DKIM. I need to generate one, add it to DNS Editor in WHM and to CloudFlare. Not sure how to generate one..... (or better said, a new one)

    Edit: I did check intodns . Everything was fine there. The only thing I am missing is a DKIM key which doesn't show up there
     
    #7 esports, Feb 22, 2016
    Last edited: Feb 23, 2016
  8. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Last night I tried again: I activated DKIM in CPANEL, added a new TXT in DNS Editor (WHM) and the same in CloudFlare.

    This is the result I got. Not sure what to do. The "public key" there is also the one displayed when running
    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
    - Removed -

    I also do not understand now what do the DNS entries in the WHM do? So far I know, Cloudflare handles all the DNS so I went on and deleted all DNS from WHM...

    Now I cannot activate / deactivate SPF and DKIM...
     
    #8 esports, Feb 23, 2016
    Last edited by a moderator: Jun 6, 2016
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,723
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You don't need to add an additional TXT record to the DNS zone on the cPanel server after enabling DKIM via the "Authentication" option in cPanel. This option automatically adds the DNS record for you. Thus, you simply need to copy the record over to CloudFlare. Please ensure you remove any existing TXT records for this DKIM entry in cPanel, and then enable DKIM through cPanel. You can obtain the record by viewing the zone file through "WHM >> Edit DNS Zone" or via this command:

    Code:
    cat /var/named/domain.com.db
    Thank you.
     
  10. PHILLIP BOOTH

    PHILLIP BOOTH Member

    Joined:
    Dec 6, 2015
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    This is what you are using

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66"
    GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB


    Change it to this

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB"

    The key is broken down into multiple parts remove the " in the middle and join the string together and then add the " to the end

    so 66" Gr

    becomes 66Gr
     
Loading...

Share This Page