SOLVED DKIM for 'root' user, to avoid emails going to spam

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
Hi Guys,

In relation to [closed] topic...

[CPANEL-20425] DKIM for main server hostname

cPanelMichael suggested we temporarily add the server's FQDN to the "DNS=" in the 'nobody' user, in order to create a workaround to automatically add DKIM data for the root (nobody) user.

I would like to create DKIM for our server, as emails from root are intermittently going to spam in Gmail, however, we don't have a user nobody in /var/cpanel/users/nobody - as is suggested.

You can temporarily add the following entry to /var/cpanel/users/nobody as a workaround:
Code:
  DNS=hostname.domain.com

Then, run this command:
Code:
  /usr/local/cpanel/bin/dkim_keys_install nobody


So, my question is: Can I simply create the file or user in /var/cpanel/users/ ?

Any help or input would be appreciated, thank you.

Regards, Robin.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @RobinF28,

So, my question is: Can I simply create the file or user in /var/cpanel/users/ ?
Yes, simply create the "nobody" file first. EX:

Code:
touch /var/cpanel/users/nobody
Also, good news going forward! cPanel & WHM version 78 is tentatively set to include a new Email Deliverability option in Web Host Manager that will allow administrators to more easily detect and solve email delivery issues. Included with this feature is a tool that will check if the DKIM record for the server's hostname exists, and if not, provide an option to automatically add the record (as long as the parent domain resolves to the cPanel server).

Thank you.
 
  • Like
Reactions: RobinF28

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
Hi ribo,

I do not believe it's the same "user", no.

Nobody is a separate "user" to system, and I must admit I had initially attempted to add DKIM records for system, but it caused an error and a system warning when I ran the DKIM keys script, so no, don't attempt this with the system user.

Just create a user nobody, and do as suggest above - it works just fine.

Robin.
 

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
Simple,

Code:
touch /var/cpanel/users/nobody
Then,

Code:
/usr/local/cpanel/bin/dkim_keys_install nobody
as previously advised my Michael.

You'll then have to copy the generated public key into your correct DNS record for the server's FQDM etc.

Hope this helps.

- Robin.
 
  • Like
Reactions: cPanelMichael

ribo

Well-Known Member
Oct 15, 2015
66
2
8
Greece
cPanel Access Level
Root Administrator
Hello, what i did is:
create nobody user, put DNS=hostname.domain.com in nobody file, install dkim_keys , after i was delete
DNS=hostname.domain.com from nobody file .
Now i did n t understand where must i copy the generated public key
 

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
OK, you need to create a new record in your Hostname's DNS records.

A TXT record with the FQDN [i.e. "srv.xxxxxx.xxx" ("srv" is the first part of my hostname, in my case) - see attached image] which contains the 2048bit public key created in the public folder of you "new" nobody's file.

This will then be interrogated by a mail system when it receives the email from your server (remember the FQDN) and it will use this key to complete/compute the algorithm for verifying the credentials for DKIM etc.

Blacknight Control Panel(25).png

Hope this helps, but there are many examples on Google if you search...

Cheers, Robin.
 

ribo

Well-Known Member
Oct 15, 2015
66
2
8
Greece
cPanel Access Level
Root Administrator
I had default._domainkey with the 2048bit public key as you have it too. What i don t have is domainkey like your example. I created domainkey like your example but i still have the same results. My issue is that some server messages goes to spam folder and some server messages goes to inbox
 

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
Hi Ribo,

The "default._domainkey" is the correct notation for the DKIM TXT record, together with the DATA that is your public key,

i.e.

v=DKIM1; k=rsa; and p=<your public key here>;

You need the FQDN after the default._domainkey.<HERE> for the root user to have a registered DKIM record published.

i.e.

default._domainkey.somename.domain.tld

This is your TXT record that must be published for DKIM.

You must also have the correct A records published, but I'm sure this is already the case.

i.e.

A record for "somename.domain.tld" = xxx.xxx.xxx.xxx

Also, the MX record must be published for somename.domain.tld, etc.

Please see some good support links here...


- Robin.
 
  • Like
Reactions: cPanelMichael

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
My issue is that some server messages goes to spam folder and some server messages goes to inbox
Hi @ribo,

If you've confirmed the DKIM record is setup for the hostname, then you'll also want to make sure the other guidelines on the following document are followed:

How to Keep your Email Out of the Spam Folder - cPanel Knowledge Base - cPanel Documentation

If you need help verifying the records are setup properly, feel free to open a support ticket and we'll take a closer look at your system.

Thank you.
 

RobinF28

Active Member
Jun 27, 2015
39
8
8
Elgin, Scotland
cPanel Access Level
Root Administrator
For the sake of clarity, I should have added/reiterated the step in BOLD below, sorry!

Simple,

Code:
touch /var/cpanel/users/nobody
Temporarily add the following entry to /var/cpanel/users/nobody as a workaround:


Code:
  DNS=hostname.domain.com
Then,

Code:
/usr/local/cpanel/bin/dkim_keys_install nobody
as previously advised my Michael.

You'll then have to copy the generated public key into your correct DNS record for the server's FQDM etc.

Hope this helps.

- Robin.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hi @RobinF28,

Thanks for clarifying.

Also, here's my recent response from the thread linked in the first post here:

Hello Everyone,

Good news going forward! cPanel & WHM version 78 is tentatively set to include a new Email Deliverability option in Web Host Manager that will allow administrators to more easily detect and solve email delivery issues. Included with this feature is a tool that will check if the DKIM record for the server's hostname exists, and if not, provide an option to automatically add the record (as long as the parent domain resolves to the cPanel server). More information about this feature will be published on cPanel Releases once version 78 is closer to publication.

Thank you.
Thanks!
 
  • Like
Reactions: RobinF28