SOLVED DKIM for 'root' user, to avoid emails going to spam

RobinF28 · Dec 8, 2018

Hi Guys,

In relation to [closed] topic...

[CPANEL-20425] DKIM for main server hostname

cPanelMichael suggested we temporarily add the server's FQDN to the "DNS=" in the 'nobody' user, in order to create a workaround to automatically add DKIM data for the root (nobody) user.

I would like to create DKIM for our server, as emails from root are intermittently going to spam in Gmail, however, we don't have a user nobody in /var/cpanel/users/nobody - as is suggested.

You can temporarily add the following entry to /var/cpanel/users/nobody as a workaround:

Code:

DNS=hostname.domain.com

Then, run this command:

Code:

/usr/local/cpanel/bin/dkim_keys_install nobody

So, my question is: Can I simply create the file or user in /var/cpanel/users/ ?

Any help or input would be appreciated, thank you.

Regards, Robin.

cPanelMichael · Dec 10, 2018

Hello @RobinF28,

RobinF28 said:
So, my question is: Can I simply create the file or user in /var/cpanel/users/ ?

Yes, simply create the "nobody" file first. EX:

Code:

touch /var/cpanel/users/nobody

Also, good news going forward! cPanel & WHM version 78 is tentatively set to include a new Email Deliverability option in Web Host Manager that will allow administrators to more easily detect and solve email delivery issues. Included with this feature is a tool that will check if the DKIM record for the server's hostname exists, and if not, provide an option to automatically add the record (as long as the parent domain resolves to the cPanel server).

Thank you.

RobinF28 · Dec 10, 2018

Great, thanks Michael.
Good news re. v78, it keeps getting better & better...

ribo · Dec 22, 2018

cPanelMichael said:
Hello @RobinF28,

Yes, simply create the "nobody" file first. EX:

Code:

touch /var/cpanel/users/nobody

Is this the same file with /var/cpanel/users/system ?

RobinF28 · Dec 23, 2018

Hi ribo,

I do not believe it's the same "user", no.

Nobody is a separate "user" to system, and I must admit I had initially attempted to add DKIM records for system, but it caused an error and a system warning when I ran the DKIM keys script, so no, don't attempt this with the system user.

Just create a user nobody, and do as suggest above - it works just fine.

Robin.

ribo · Dec 23, 2018

Thank you RobinF28.
What is the command to create the user nobody?
Edit: Sorry i did n t saw the command above

ribo · Dec 23, 2018

It did n t work for me. I still get some server messages(not every messages) to gmail spam folder

RobinF28 · Dec 23, 2018

Simple,

Code:

touch /var/cpanel/users/nobody

Then,

Code:

/usr/local/cpanel/bin/dkim_keys_install nobody

as previously advised my Michael.

You'll then have to copy the generated public key into your correct DNS record for the server's FQDM etc.

Hope this helps.

- Robin.

RobinF28 · Dec 23, 2018

Note: (as per Michael)...

The DKIM public and private keys are stored in the following directories:

/var/cpanel/domain_keys/public/
/var/cpanel/domain_keys/private/

ribo · Dec 23, 2018

Hello, what i did is:
create nobody user, put DNS=hostname.domain.com in nobody file, install dkim_keys , after i was delete
DNS=hostname.domain.com from nobody file .
Now i did n t understand where must i copy the generated public key

RobinF28 · Dec 24, 2018

OK, you need to create a new record in your Hostname's DNS records.

A TXT record with the FQDN [i.e. "srv.xxxxxx.xxx" ("srv" is the first part of my hostname, in my case) - see attached image] which contains the 2048bit public key created in the public folder of you "new" nobody's file.

This will then be interrogated by a mail system when it receives the email from your server (remember the FQDN) and it will use this key to complete/compute the algorithm for verifying the credentials for DKIM etc.

Hope this helps, but there are many examples on Google if you search...

Cheers, Robin.

ribo · Dec 24, 2018

I had default._domainkey with the 2048bit public key as you have it too. What i don t have is domainkey like your example. I created domainkey like your example but i still have the same results. My issue is that some server messages goes to spam folder and some server messages goes to inbox

RobinF28 · Dec 24, 2018

Hi Ribo,

The "default._domainkey" is the correct notation for the DKIM TXT record, together with the DATA that is your public key,

i.e.

v=DKIM1; k=rsa; and p=<your public key here>;

You need the FQDN after the default._domainkey.<HERE> for the root user to have a registered DKIM record published.

i.e.

default._domainkey.somename.domain.tld

This is your TXT record that must be published for DKIM.

You must also have the correct A records published, but I'm sure this is already the case.

i.e.

A record for "somename.domain.tld" = xxx.xxx.xxx.xxx

Also, the MX record must be published for somename.domain.tld, etc.

Please see some good support links here...

- Robin.

cPanelMichael · Dec 25, 2018

ribo said:
My issue is that some server messages goes to spam folder and some server messages goes to inbox

Hi @ribo,

If you've confirmed the DKIM record is setup for the hostname, then you'll also want to make sure the other guidelines on the following document are followed:

How to Keep your Email Out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation

If you need help verifying the records are setup properly, feel free to open a support ticket and we'll take a closer look at your system.

Thank you.

RobinF28 · Jan 12, 2019

For the sake of clarity, I should have added/reiterated the step in BOLD below, sorry!

RobinF28 said:
Simple,

Code:

touch /var/cpanel/users/nobody

Temporarily add the following entry to /var/cpanel/users/nobody as a workaround:

Code:

DNS=hostname.domain.com

Then,

Code:

/usr/local/cpanel/bin/dkim_keys_install nobody

as previously advised my Michael.

You'll then have to copy the generated public key into your correct DNS record for the server's FQDM etc.

Hope this helps.

- Robin.

cPanelMichael · Jan 14, 2019

Hi @RobinF28,

Thanks for clarifying.

Also, here's my recent response from the thread linked in the first post here:

Hello Everyone,

Good news going forward! cPanel & WHM version 78 is tentatively set to include a new Email Deliverability option in Web Host Manager that will allow administrators to more easily detect and solve email delivery issues. Included with this feature is a tool that will check if the DKIM record for the server's hostname exists, and if not, provide an option to automatically add the record (as long as the parent domain resolves to the cPanel server). More information about this feature will be published on cPanel Releases once version 78 is closer to publication.

Thank you.

Thanks!

Thread starter	Similar threads	Forum	Replies	Date
G	Message not signed with DKIM?	Email	7	Dec 27, 2020
G	Message not signed with DKIM, domains are not aligned can't check DMARC	Email	3	Dec 9, 2020
P	cPanel Not Signing DKIM for Sites with External Name Servers	Email	7	Dec 3, 2020
K	SOLVED Emails are going to spam despite SPF, DMARC, DKIM	Email	12	Nov 19, 2020
Q	MTA with no Message-ID causes incorrect DKIM Signature h record	Email	3	Oct 19, 2020

Search

Search

SOLVED DKIM for 'root' user, to avoid emails going to spam

RobinF28

Active Member

cPanelMichael

Administrator

RobinF28

Active Member

ribo

Well-Known Member

RobinF28

Active Member

ribo

Well-Known Member

ribo

Well-Known Member

RobinF28

Active Member

RobinF28

Active Member

ribo

Well-Known Member

RobinF28

Active Member

ribo

Well-Known Member

RobinF28

Active Member

cPanelMichael

Administrator

RobinF28

Active Member

cPanelMichael

Administrator