Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

DKIM and CloudFlare

Discussion in 'E-mail Discussion' started by esports, Feb 21, 2016.

  1. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I moved a parked domain to it's own CPanel account. I deleted all 'old' DKIM keys, generated a new one via CPanel (Authentication tab). The message I got:
    Code:
    default._domainkey    14400    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66" GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB
    I removed the "" and spaces and added the key to CloudFlare. Then I went to WHM, DNS Editor and added the the Dkim there as well.

    When I email @verifier.port25.com
    I get the following answer:

    Code:
    SPF check:          pass
DomainKeys check:   neutral
DKIM check:         permerror
Sender-ID check:    pass
SpamAssassin check: ham

----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         permerror (key "default._domainkey.domain.com" doesn't exist)
ID(s) verified:
Canonicalized Headers:
    content-transfer-encoding:7bit'0D''0A'
    content-type:text/plain;'20'charset=windows-1252;'20'format=flowed'0D''0A'
    in-reply-to:<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
    mime-version:1.0'0D''0A'
    date:Sun,'20'21'20'Feb'20'2016'20'18:25:02'20'+0100'0D''0A'
    message-id:<56C9F2EE.8030300@domain.com>'0D''0A'
    from:name'20'<name@domain.com>'0D''0A'
    references:<1078d5fa795fb3c65593c35233d11737@domain.com>'20'<f016a483cc857ded8f3770536d599592@domain.com>'20'<1fd0dd9e416753e1c7202abf67d445c0@domain.com>'0D''0A'
    to:check-auth@verifier.port25.com'0D''0A'
    subject:dkim'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:'20'In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;

Canonicalized Body:

DNS record(s):
    default._domainkey.domain.com. TXT (NXDOMAIN)


-------------------------
    What am I doing wrong? What's the correct process to add a DKIM to CPanel, DNS in WHM and CloudFlare?
     
    #1 esports, Feb 21, 2016
    Last edited by a moderator: Jun 6, 2016
  2. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    262
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Are you sure the domain keys are resolving properly using "dig" from the cloudflare dns cluster ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 syslint, Feb 22, 2016
  3. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    I am not sure what you mean. Can you be more specific, in a noob way?

    If it helps, prior moving domain, the cf was resolving the dns correctly.
     
    #3 esports, Feb 22, 2016
  4. syslint

    syslint Well-Known Member

    Joined:
    Oct 9, 2006
    Messages:
    262
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Twitter:
    Run the following command in your shell.

    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 syslint, Feb 22, 2016
  5. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Returns this:

    ;; global options: +cmd
    . 6158 IN NS c.root-servers.net.
    . 6158 IN NS f.root-servers.net.
    . 6158 IN NS m.root-servers.net.
    . 6158 IN NS j.root-servers.net.
    . 6158 IN NS g.root-servers.net.
    . 6158 IN NS l.root-servers.net.
    . 6158 IN NS a.root-servers.net.
    . 6158 IN NS b.root-servers.net.
    . 6158 IN NS d.root-servers.net.
    . 6158 IN NS i.root-servers.net.
    . 6158 IN NS h.root-servers.net.
    . 6158 IN NS e.root-servers.net.
    . 6158 IN NS k.root-servers.net.
    ;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 92 ms

    com. 172800 IN NS a.gtld-servers.net.
    com. 172800 IN NS b.gtld-servers.net.
    com. 172800 IN NS c.gtld-servers.net.
    com. 172800 IN NS d.gtld-servers.net.
    com. 172800 IN NS e.gtld-servers.net.
    com. 172800 IN NS f.gtld-servers.net.
    com. 172800 IN NS g.gtld-servers.net.
    com. 172800 IN NS h.gtld-servers.net.
    com. 172800 IN NS i.gtld-servers.net.
    com. 172800 IN NS j.gtld-servers.net.
    com. 172800 IN NS k.gtld-servers.net.
    com. 172800 IN NS l.gtld-servers.net.
    com. 172800 IN NS m.gtld-servers.net.
    ;; Received 487 bytes from my.IP in 103 ms

    I guess this means that I have none. How can I generate one, copy it and add it in WHM & CloudFlare?
    If I click enable / disable in CPanel I do not see the key to copy it
     
    #5 esports, Feb 22, 2016
    Last edited: Feb 22, 2016
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    Please let us know if this document from CloudFlare is helpful:

    How do I add DKIM records?

    Also, have you used a website such as IntoDNS to verify which name server your DNS records are handled at?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelMichael, Feb 22, 2016
  7. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Thank you for your reply.
    I know how to add the DKIM key to CloudFlare. I don't have a DKIM key to add...

    The nameservers are the ones from CloudFlare. It works ok. I just don't have a DKIM. I need to generate one, add it to DNS Editor in WHM and to CloudFlare. Not sure how to generate one..... (or better said, a new one)

    Edit: I did check intodns . Everything was fine there. The only thing I am missing is a DKIM key which doesn't show up there
     
    #7 esports, Feb 22, 2016
    Last edited: Feb 23, 2016
  8. esports

    esports Member

    Joined:
    Jan 6, 2016
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Europe
    cPanel Access Level:
    Root Administrator
    Last night I tried again: I activated DKIM in CPANEL, added a new TXT in DNS Editor (WHM) and the same in CloudFlare.

    This is the result I got. Not sure what to do. The "public key" there is also the one displayed when running
    # dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
    - Removed -

    I also do not understand now what do the DNS entries in the WHM do? So far I know, Cloudflare handles all the DNS so I went on and deleted all DNS from WHM...

    Now I cannot activate / deactivate SPF and DKIM...
     
    #8 esports, Feb 23, 2016
    Last edited by a moderator: Jun 6, 2016
  9. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,802
    Likes Received:
    1,896
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    You don't need to add an additional TXT record to the DNS zone on the cPanel server after enabling DKIM via the "Authentication" option in cPanel. This option automatically adds the DNS record for you. Thus, you simply need to copy the record over to CloudFlare. Please ensure you remove any existing TXT records for this DKIM entry in cPanel, and then enable DKIM through cPanel. You can obtain the record by viewing the zone file through "WHM >> Edit DNS Zone" or via this command:

    Code:
    cat /var/named/domain.com.db
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #9 cPanelMichael, Feb 23, 2016
  10. PHILLIP BOOTH

    PHILLIP BOOTH Member

    Joined:
    Dec 6, 2015
    Messages:
    10
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    This is what you are using

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66"
    GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB

    Change it to this

    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB"

    The key is broken down into multiple parts remove the " in the middle and join the string together and then add the " to the end

    so 66" Gr

    becomes 66Gr
     
    #10 PHILLIP BOOTH, Feb 25, 2016
    Saxtus likes this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - DKIM CloudFlare
  1. Bananenbaas

    DKIM Invalid using Cloudflare

    Bananenbaas, May 12, 2017, in forum: E-mail Discussion
    Replies:
    3
    Views:
    1,555
    Bananenbaas
    Jun 9, 2017
  2. chagwood

    DKIM on DNSONLY

    chagwood, Oct 14, 2018 at 6:44 PM, in forum: E-mail Discussion
    Replies:
    7
    Views:
    56
    cPanelLauren
    Oct 17, 2018 at 12:09 PM
  3. chris0147

    DKIM not authenticated issue

    chris0147, Oct 10, 2018, in forum: E-mail Discussion
    Replies:
    5
    Views:
    89
    Infopro
    Oct 11, 2018 at 6:21 PM
  4. lfpiaggio

    DKIM PUB_KEY Unavailable

    lfpiaggio, Oct 1, 2018, in forum: E-mail Discussion
    Replies:
    4
    Views:
    108
    cPanelLauren
    Oct 8, 2018
  5. lfpiaggio

    DKIM: encountered the following problem validating domain : bodyhash_mismatch

    lfpiaggio, Jul 20, 2018, in forum: E-mail Discussion
    Replies:
    8
    Views:
    578
    cPanelLauren
    Aug 9, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice