DKIM doesn't work with forwarders?!

kpmedia

kpmedia

Well-Known Member
Feb 13, 2011
90
1
58
USA, Europe
cPanel Access Level
Root Administrator
DKIM should be about the domain itself -- not the accounts. However, in cPanel, I've found a flaw.

Example:
- My account is "[email protected]"
- I have [email protected], [email protected] and [email protected] as forwarders.
- Using Outlook, I can have 3 "accounts". Same settings, but different reply names. (Only 1 checks, the others act as outbound only.)
- When on the road, I can check 1 account in webmail/Roundcube on an iPad, and reply as [email protected]

But DKIM doesn't sign. :mad:

DKIM only signs it when I connect (IMAP/POP) as "mybox" and show "[email protected]" as the reply address.

That's fubar.

Have I missed a setting somewhere, or does cPanel/exim insist that DKIM happen at the account level? Because, again, that's not correct according to DKIM standards. It's about the domain, not the account.

I can do it with MailEnable on Windows with zero issues.
 
Last edited:
I

Infopro

Well-Known Member
May 20, 2003
17,075
524
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
In your: cPanel > Mail section > Email Authentication you'll find the DKIM options for your cPanel account of course. Assuming these are enabled there, disable DKIM, and then Go Back, and disable SPF. Next, Go Back and enable DKIM. Then Go Back and enable SPF.

Send an email from any of the accounts to this address: [email protected] wait a few moments for a result email to be sent back to you. What does that result email say?
 
kpmedia

kpmedia

Well-Known Member
Feb 13, 2011
90
1
58
USA, Europe
cPanel Access Level
Root Administrator
Did that already.

Even went into SSH and deleted the old .removed files from the public/private DKIM folders, on a second try. It's not the enabled/disabled status that does it.

For some reason, Exim (cPanel implementation) will not sign email unless the account/mailbox is used as the FROM. It's not right. Even if I signed the email as [email protected], the DKIM should still sign the private key, since I'm connecting to the server via [email protected]. (And in that case, of course, the public key would not match and would show a DKIM error.)

The test on DKIM with [email protected]/[email protected]/etc (example forwards) has no DKIM signing. It comes back neutral. I've verified that with Port25, appmaildev.com and unlocktheinbox.com. The domain has ADKIM as all, so the unsigned email fails since it's not signed.

I've used Exim in the past -- forget if it was ISPConfig or Virtualmin -- but did not have the error. (I'll be reinstalling on a test VPS just to verify it's not Exim.) Never seen this behavior from a mailserver before. That's not proper DKIM signing.

Update:

I ran more tests. This works fine on another cPanel server.
This server is still early in the testing phase, so I'm going to reinstall cPanel. We'll see what happens.
 
Last edited:
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
D DNS Error Occurred , DKIM,SPF Email 30
C Can we regenerate New DKIM signature in Cpanel? Email 1
N Configure Website and Email on different servers and dkim records Email 4
A Email goes to spam even with valid SPF, DKIM and DMARC records, dynamic rDNS on AWS instance Email 1
K multiple DKIM records Email 3
Similar threads
DNS Error Occurred , DKIM,SPF
Can we regenerate New DKIM signature in Cpanel?
Configure Website and Email on different servers and dkim records
Email goes to spam even with valid SPF, DKIM and DMARC records, dynamic rDNS on AWS instance
multiple DKIM records
Top Bottom