DKIM in 2018 - cPanel/WHM Settings

B

brt

Well-Known Member
Jul 9, 2015
103
9
68
US
cPanel Access Level
Root Administrator
I've used cPanel/WHM for yeaaaars, I understand SPF, etc. I just want to make sure I understand what, exactly, WHM does with the DKIM settings these days.

So on the cPanel side, under Mail > Authentication, there's the Enable/Disable DKIM option. On its' own, what does this do, exactly? Does it block messages solely on this setting?​

Then on the WHM side there is "Allow DKIM verification for incoming messages", which defaults to off, and if it's enabled you also have the option to "Reject DKIM failures".​

Specifically, for one, I just want to make sure that the cPanel side isn't relying on "Allow DKIM..." in WHM to be enabled to function. Aside from that, I'm wondering how effective and/or reliable DKIM has been, both from a spam-blocking perspective and from a not-blocking-legitimate-messages perspective.

Is it worth enabling these days?
 
cPanelMichael

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,225
463
Hello @brt,

In short, the option in cPanel is for outgoing emails, and the options in WHM are for incoming emails.

The DKIM option under "cPanel >> Authentication" enables DKIM and adds the appropriate TXT records in the DNS zones of all domain names associated with that cPanel account. This allows remote servers to detect that these domain names utilize DKIM.

The following options under the "ACL Options" tab in "WHM >> Exim Configuration Manager >> Basic Editor" allow you to configure Exim to verify DKIM records with incoming emails from remote mail servers and to reject messages that fail DKIM verification.

Allow DKIM verification for incoming messages
Reject DKIM failures

I haven't seen very much feedback here on the cPanel forums regarding the effectiveness of DKIM verification for stopping incoming SPAM. However, check out the "incomingspam" tag to see a list of threads where users on this forum are discussing options and situations related to blocking incoming SPAM emails:

incomingspam | cPanel Forums

Thank you.
 
J

javacol

Registered
Mar 6, 2008
1
0
51
What does the "Allow DKIM verification for incoming messages " option do, if it is not to reject the emails? What good is it to verify the signature? and I would think WHMCS needs an option to reject or ignore domains that aren't DKIM signed.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
C Confusion about DKIM, SPF, DMARC for addon domains and relationship with associated subdomain Email 1
M DKIM signature in DNS OK, but what when client sends also (legitimate) mail trough other servers ? Email 2
S Outgoing messages not DKIM signed Email 1
M DKIM and SPF Error Email 1
M A “DKIM” record does not exist for this domain. Email 3
Similar threads
Confusion about DKIM, SPF, DMARC for addon domains and relationship with associated subdomain
DKIM signature in DNS OK, but what when client sends also (legitimate) mail trough other servers ?
Outgoing messages not DKIM signed
DKIM and SPF Error
A “DKIM” record does not exist for this domain.
Top Bottom