esports

Member
Jan 6, 2016
17
0
1
Europe
cPanel Access Level
Root Administrator
I moved a parked domain to it's own CPanel account. I deleted all 'old' DKIM keys, generated a new one via CPanel (Authentication tab). The message I got:
Code:
default._domainkey    14400    IN    TXT    "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66" GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB
I removed the "" and spaces and added the key to CloudFlare. Then I went to WHM, DNS Editor and added the the Dkim there as well.

When I email @verifier.port25.com
I get the following answer:

Code:
SPF check:          pass
DomainKeys check:   neutral
DKIM check:         permerror
Sender-ID check:    pass
SpamAssassin check: ham

----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         permerror (key "default._domainkey.domain.com" doesn't exist)
ID(s) verified:
Canonicalized Headers:
    content-transfer-encoding:7bit'0D''0A'
    content-type:text/plain;'20'charset=windows-1252;'20'format=flowed'0D''0A'
    in-reply-to:<[email protected]>'0D''0A'
    mime-version:1.0'0D''0A'
    date:Sun,'20'21'20'Feb'20'2016'20'18:25:02'20'+0100'0D''0A'
    message-id:<[email protected]>'0D''0A'
    from:name'20'<[email protected]>'0D''0A'
    references:<[email protected]>'20'<[email protected]>'20'<[email protected]>'0D''0A'
    to:[email protected]'0D''0A'
    subject:dkim'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'q=dns/txt;'20'c=relaxed/relaxed;'20'd=domain.com;'20's=default;'20'h=Content-Transfer-Encoding:Content-Type:'20'In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject;'20'bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;'20'b=;

Canonicalized Body:

DNS record(s):
    default._domainkey.domain.com. TXT (NXDOMAIN)


-------------------------
What am I doing wrong? What's the correct process to add a DKIM to CPanel, DNS in WHM and CloudFlare?
 
Last edited by a moderator:

syslint

Well-Known Member
Verifed Vendor
Oct 9, 2006
268
7
168
India
cPanel Access Level
Root Administrator
Twitter
Are you sure the domain keys are resolving properly using "dig" from the cloudflare dns cluster ?
 

syslint

Well-Known Member
Verifed Vendor
Oct 9, 2006
268
7
168
India
cPanel Access Level
Root Administrator
Twitter
Run the following command in your shell.

# dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
 

esports

Member
Jan 6, 2016
17
0
1
Europe
cPanel Access Level
Root Administrator
Run the following command in your shell.

# dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
Returns this:

;; global options: +cmd
. 6158 IN NS c.root-servers.net.
. 6158 IN NS f.root-servers.net.
. 6158 IN NS m.root-servers.net.
. 6158 IN NS j.root-servers.net.
. 6158 IN NS g.root-servers.net.
. 6158 IN NS l.root-servers.net.
. 6158 IN NS a.root-servers.net.
. 6158 IN NS b.root-servers.net.
. 6158 IN NS d.root-servers.net.
. 6158 IN NS i.root-servers.net.
. 6158 IN NS h.root-servers.net.
. 6158 IN NS e.root-servers.net.
. 6158 IN NS k.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 92 ms

com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 487 bytes from my.IP in 103 ms

I guess this means that I have none. How can I generate one, copy it and add it in WHM & CloudFlare?
If I click enable / disable in CPanel I do not see the key to copy it
 
Last edited:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
Hello :)

Please let us know if this document from CloudFlare is helpful:

How do I add DKIM records?

Also, have you used a website such as IntoDNS to verify which name server your DNS records are handled at?

Thank you.
 

esports

Member
Jan 6, 2016
17
0
1
Europe
cPanel Access Level
Root Administrator
Hello :)

Please let us know if this document from CloudFlare is helpful:

How do I add DKIM records?

Also, have you used a website such as IntoDNS to verify which name server your DNS records are handled at?

Thank you.
Thank you for your reply.
I know how to add the DKIM key to CloudFlare. I don't have a DKIM key to add...

The nameservers are the ones from CloudFlare. It works ok. I just don't have a DKIM. I need to generate one, add it to DNS Editor in WHM and to CloudFlare. Not sure how to generate one..... (or better said, a new one)

Edit: I did check intodns . Everything was fine there. The only thing I am missing is a DKIM key which doesn't show up there
 
Last edited:

esports

Member
Jan 6, 2016
17
0
1
Europe
cPanel Access Level
Root Administrator
Last night I tried again: I activated DKIM in CPANEL, added a new TXT in DNS Editor (WHM) and the same in CloudFlare.

This is the result I got. Not sure what to do. The "public key" there is also the one displayed when running
# dig -t TXT default._domainkey.YOURDOMAINNAME.COM +trace
- Removed -

I also do not understand now what do the DNS entries in the WHM do? So far I know, Cloudflare handles all the DNS so I went on and deleted all DNS from WHM...

Now I cannot activate / deactivate SPF and DKIM...
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
Last night I tried again: I activated DKIM in CPANEL, added a new TXT in DNS Editor (WHM) and the same in CloudFlare.
Hello :)

You don't need to add an additional TXT record to the DNS zone on the cPanel server after enabling DKIM via the "Authentication" option in cPanel. This option automatically adds the DNS record for you. Thus, you simply need to copy the record over to CloudFlare. Please ensure you remove any existing TXT records for this DKIM entry in cPanel, and then enable DKIM through cPanel. You can obtain the record by viewing the zone file through "WHM >> Edit DNS Zone" or via this command:

Code:
cat /var/named/domain.com.db
Thank you.
 

PHILLIP BOOTH

Member
Dec 6, 2015
10
1
3
UK
cPanel Access Level
Root Administrator
This is what you are using

"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66"
GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB


Change it to this

"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+thDBzPCu5HvHAo4176Jg04x42FYoYtOPIEf6Px1ScCfdf2lFp9QDQL1iXc89IkA4Tpu8GjWc/U80zGSXYY3uNNTjr8miHdKAGfNyzGGIOKcRmIqKk6wBzNWVICPDOZnXRYf6wiQXNM7sgK2kc2QaCN27JX6Wt3WSgp7yfug1qtTha9PavQSxf4bQewYCs66GrExjY3SmEdduvT/+AwcZBlnDAMdCYG9UYAVpxEWahITCGalv8XfrhWWG/t/ar0tQH2ZeIj0Spo+TlUx0b+XLqGKZkp7AoMT61ReW/IAVgNuQXAqT18cnLE5IIFtkKOpT8UP18lc+7E7qlkQsVWYQIDAZAB"

The key is broken down into multiple parts remove the " in the middle and join the string together and then add the " to the end

so 66" Gr

becomes 66Gr
 
  • Like
Reactions: Saxtus