SOLVED DKIM for 'root' user, to avoid emails going to spam

Hi Guys,

In relation to [closed] topic...

[CPANEL-20425] DKIM for main server hostname

cPanelMichael suggested we temporarily add the server's FQDN to the "DNS=" in the 'nobody' user, in order to create a workaround to automatically add DKIM data for the root (nobody) user.

I would like to create DKIM for our server, as emails from root are intermittently going to spam in Gmail, however, we don't have a user nobody in /var/cpanel/users/nobody - as is suggested.

You can temporarily add the following entry to /var/cpanel/users/nobody as a workaround:

Code:

  DNS=hostname.domain.com 

Then, run this command:

Code:

  /usr/local/cpanel/bin/dkim_keys_install nobody 

So, my question is: Can I simply create the file or user in /var/cpanel/users/ ?

Any help or input would be appreciated, thank you.

Regards, Robin.

 

Great, thanks Michael.
Good news re. v78, it keeps getting better & better...

 

Hi ribo,

I do not believe it's the same "user", no.

Nobody is a separate "user" to system, and I must admit I had initially attempted to add DKIM records for system, but it caused an error and a system warning when I ran the DKIM keys script, so no, don't attempt this with the system user.

Just create a user nobody, and do as suggest above - it works just fine.

Robin.

 

Simple,

Code:

 
touch /var/cpanel/users/nobody

Then,

Code:

/usr/local/cpanel/bin/dkim_keys_install nobody

as previously advised my Michael.

You'll then have to copy the generated public key into your correct DNS record for the server's FQDM etc.

Hope this helps.

- Robin.

 

Note: (as per Michael)...

The DKIM public and private keys are stored in the following directories:

/var/cpanel/domain_keys/public/
/var/cpanel/domain_keys/private/

 

OK, you need to create a new record in your Hostname's DNS records.

A TXT record with the FQDN [i.e. "srv.xxxxxx.xxx" ("srv" is the first part of my hostname, in my case) - see attached image] which contains the 2048bit public key created in the public folder of you "new" nobody's file.

This will then be interrogated by a mail system when it receives the email from your server (remember the FQDN) and it will use this key to complete/compute the algorithm for verifying the credentials for DKIM etc.



Hope this helps, but there are many examples on Google if you search...

Cheers, Robin.

 

Hi Ribo,

The "default._domainkey" is the correct notation for the DKIM TXT record, together with the DATA that is your public key,

i.e.

v=DKIM1; k=rsa; and p=<your public key here>;

You need the FQDN after the default._domainkey.<HERE> for the root user to have a registered DKIM record published.

i.e.

default._domainkey.somename.domain.tld

This is your TXT record that must be published for DKIM.

You must also have the correct A records published, but I'm sure this is already the case.

i.e.

A record for "somename.domain.tld" = xxx.xxx.xxx.xxx

Also, the MX record must be published for somename.domain.tld, etc.

Please see some good support links here...

• DKIM Core Technical Specification
• Configuring DNS records for DomainKeys / DKIM
• DomainKeys / DKIM - Knowledgebase - XpertDNS(tm) by Xpert Group Technologies, Inc.

- Robin.

 

For the sake of clarity, I should have added/reiterated the step in BOLD below, sorry!