Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

DKIM default._domainkey

Discussion in 'E-mail Discussion' started by exxhal, May 19, 2018.

  1. exxhal

    exxhal Member

    Joined:
    Dec 26, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Antwerp
    cPanel Access Level:
    Root Administrator
    Hello, having some (questions)problems to setup dkim.

    In my WHM panel i go to dns zone for a domain and i see for DKIM :
    default._domainkey . TXT 14400 "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9U530KHapZR0vKV5Y7zChtK6inKzhEzqlTNHBi6+z4uycL5mVYf+wCu1hHMTZTs1dqtCtDA2bVA4laWXfY6j442jkgq5rctveTmOULNInatZ5CFNqADG7L5dLDJsGjZ07F9mSJAATCVdG3uwGoa6SUuT+wSt72LZt5BMnZoi1dSAz93jgE5Bq/DRSOClQ1rr" zjNPeeOip6MJ9km8idpZ9raUss6lW96fcikL5o40Z58XMPHMqq37DoSw+S+EP1nwBwrbbefRYi3mSU5uUujgfIVTkfxHcU5Qj1goongTepvkojG0eYeZG4OouejPdAcnX/7dpOagMBr29KkaCowIDAQAB\;

    Do i use default._domainkey. at my domainname DNShoster or is default just some random input and must i do some other stuff to make DKIM work?

    thans!
     
  2. exxhal

    exxhal Member

    Joined:
    Dec 26, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Antwerp
    cPanel Access Level:
    Root Administrator
    Ok an update. DNS config. looks good. But now i get the message : bad RSA signature

    Code:
    
    DKIM Information:
    DKIM Signature
    Message contains this DKIM Signature:
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=carking.be;
        s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:
       Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description:
       Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
       In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
       List-Post:List-Owner:List-Archive;
       bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; b=OUOY3mS5VriCceAiy2qWtZWhwQ
       w03cRs8Z+jBkoQogVGQQVRunE3Ls+C3nmZGyPN8lc9c8yHGifdUogSMoBWx5g7ds1ENtLrEoCc2Rj
       rHFDkrru/lAHqSIP0THHDsiR+AMyyErLMW1yVDfaDvJ67aHe4JA/0LZrpDfEcfXkdMG78uUASt14E
       POIMPjWps7ugFsWmH43eB5JMU0Fcw3wfPyNSWLju4Utm5jzvtSZlik6/IEtm2bQQD/sss+SRpiKy1
       KUU6GohMH5marz3jLovAfo8iV9kWnNoZOy9agU6Qvz2DssAaq9ANyg4bjIGRQ4OUVrA5axAV4p5Zo
       u8s5IPLQ==;
    
    
    Signature Information:
    v= Version:         1
    a= Algorithm:       rsa-sha256
    c= Method:          relaxed/relaxed
    d= Domain:          example.com
    s= Selector:        default
    q= Protocol:        dns/txt
    bh=                 g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=
    h= Signed Headers:  Content-Transfer-Encoding:Content-Type:MIME-Version:Date:
       Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description:
       Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
       In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
       List-Post:List-Owner:List-Archive
    b= Data:            OUOY3mS5VriCceAiy2qWtZWhwQ
       w03cRs8Z+jBkoQogVGQQVRunE3Ls+C3nmZGyPN8lc9c8yHGifdUogSMoBWx5g7ds1ENtLrEoCc2Rj
       rHFDkrru/lAHqSIP0THHDsiR+AMyyErLMW1yVDfaDvJ67aHe4JA/0LZrpDfEcfXkdMG78uUASt14E
       POIMPjWps7ugFsWmH43eB5JMU0Fcw3wfPyNSWLju4Utm5jzvtSZlik6/IEtm2bQQD/sss+SRpiKy1
       KUU6GohMH5marz3jLovAfo8iV9kWnNoZOy9agU6Qvz2DssAaq9ANyg4bjIGRQ4OUVrA5axAV4p5Zo
       u8s5IPLQ==
    Public Key DNS Lookup
    Building DNS Query for default._domainkey.example.com
    Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99U/5iXvrMyV3/ZsuUaems3pihBxWSOybRzdLPh1NOJcA3PY8nYWOdgGdDQCJgi1tKemgfyKKe+fzCczht92urTXG4SF00DCpxRX3ZUIJdWv6cvPcXXxs2lyjoSCE3c7Cg3K6ysu6E4P4UJiTfYj//0CZZfMJeFAJHck9FHXvdbWIcn7zvk4YEkgUVMB4cARZnIHocRChC8Fpt0ZToeTpCeNC+TNOeFCNBstGxkYxz6mdw0JSFlj63MgqyLFnmchaXEC9/akd0uvBQPWymh3+a0qLtCzz0WaL+isniGYJwHz6gMgr/p0CjgmqCgxXrLPyUxrfG6Pp/cZG1bw+ZZzVwIDAQAB
    Validating Signature
    result = fail
    Details: bad RSA signature
    
    
     
  3. exxhal

    exxhal Member

    Joined:
    Dec 26, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Antwerp
    cPanel Access Level:
    Root Administrator
    ok some good and bad.

    the follow error is comming : R=dkim_lookuphost defer (-1): host lookup did not complete

    also when i check the dkim i got one mailadres that gives a valid dkim and i use the same input ? But still not resolving the host when i sent mails toonother server(email). there i get an error (

    DKIM Information:
    Code:
    DKIM Signature
    Message contains this DKIM Signature:
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=example.net
    ; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date:
    Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive;
    bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=N031YZzw5jqFCyLQvCDjDbDOeM
    zoeRzZjMsQFrYtmmdbDfbvi3i6yVCWtNmcPuSpJp1Rtk9bqnzkYhgWALdHJ0BsaI2wU35erJojG6P
    buxuzGWTrA0hTARW1+eEOwoLa6Ht/IDHemykS3WuNptWLrhoiW628r/9x4u3y4altADp3KrIlQNCa
    nPJbN/ZtzqIS/TYFYFa22GUxroV+3FO2AxEZhp0bOTWQhjEhwYEtRk8AbdvK2zZm2DMvqGon2+sec
    KwYgwGJzdIpkbjVaozSHxgMrMNgRQJ+bx3xK1BNrO+SK4CbCCroDX6b30gFocXrLVekj+zZzh5IAA
    HoBnZHQg==;
    
    
    Signature Information:
    v= Version: 1
    a= Algorithm: rsa-sha256
    c= Method: relaxed/relaxed
    d= Domain: example.net
    s= Selector: default
    q= Protocol: dns/txt
    bh= 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
    h= Signed Headers: Content-Transfer-Encoding:Content-Type:MIME-Version:Date:
    Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description:
    Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:
    In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
    List-Post:List-Owner:List-Archive
    b= Data: N031YZzw5jqFCyLQvCDjDbDOeM
    zoeRzZjMsQFrYtmmdbDfbvi3i6yVCWtNmcPuSpJp1Rtk9bqnzkYhgWALdHJ0BsaI2wU35erJojG6P
    buxuzGWTrA0hTARW1+eEOwoLa6Ht/IDHemykS3WuNptWLrhoiW628r/9x4u3y4altADp3KrIlQNCa
    nPJbN/ZtzqIS/TYFYFa22GUxroV+3FO2AxEZhp0bOTWQhjEhwYEtRk8AbdvK2zZm2DMvqGon2+sec
    KwYgwGJzdIpkbjVaozSHxgMrMNgRQJ+bx3xK1BNrO+SK4CbCCroDX6b30gFocXrLVekj+zZzh5IAA
    HoBnZHQg==
    Public Key DNS Lookup
    Building DNS Query for default._domainkey.example.net
    Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99U/5iXvrMyV3/ZsuUaems3pihBxWSOybRzdLPh1NOJcA3PY8nYWOdgGdDQCJgi1tKemgfyKKe+fzCczht92urTXG4SF00DCpxRX3ZUIJdWv6cvPcXXxs2lyjoSCE3c7Cg3K6ysu6E4P4UJiTfYj//0CZZfMJeFAJHck9FHXvdbWIcn7zvk4YEkgUVMB4cARZnIHocRChC8Fpt0ZToeTpCeNC+TNOeFCNBstGxkYxz6mdw0JSFlj63MgqyLFnmchaXEC9/akd0uvBQPWymh3+a0qLtCzz0WaL+isniGYJwHz6gMgr/p0CjgmqCgxXrLPyUxrfG6Pp/cZG1bw+ZZzVwIDAQAB
    Validating Signature
    result = pass
    Details:
    
    
     
    #3 exxhal, May 20, 2018
    Last edited by a moderator: May 20, 2018
  4. exxhal

    exxhal Member

    Joined:
    Dec 26, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Antwerp
    cPanel Access Level:
    Root Administrator
    Just a question, how many times can you use a DKIM passw , now i use it on 2 domains is that correct ?
    one domain is valid (example.net) the other (example.com) gives me a bad RSA signature.

    When i check onDKIM i get :

    Valid Record
    This is a valid 2048 bit DKIM key record

    but on dkimvalidator.com gives me a bad RSA for example.com
    In WHM i use the same DKIM in the DNS zone.
     
    #4 exxhal, May 20, 2018
    Last edited by a moderator: May 20, 2018
  5. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,059
    Likes Received:
    213
    Trophy Points:
    173
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello @exxhal

    Is this the dkim record being generated through cPanel? I do get an error when looking up the DKIM record itself at dkimcore

    Are you using the same DKIM record for two domains? Each domain should have its own, and they're each able to be automatically generated by cPanel so pending your cPanel server's nameservers are authoritative for the domain you shouldn't need to make any DNS modifications to enable this.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice