The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DKIM support via dkimproxy

Discussion in 'E-mail Discussions' started by Mikluha, Sep 7, 2010.

  1. Mikluha

    Mikluha Registered

    Sep 2, 2010
    Likes Received:
    Trophy Points:
    Well, I've been looking for dkim solution for some time. In general, I'm not a big fan of Cpanel (I would be much better off without it at all, but it comes with my VPS) and I prefer to configure server myself.

    I don't want to wait for new release of Cpanel, because even if it has support for exim + dkim, then it'll have five hundred million of other bugs. So I found a solution, which work on my Cpanel. It's independed on exim, so it work pretty much with every version

    The solution is dkimproxy, which is installed as proxy for exim, so you don't need to get new exim 4.71 or later. It supports both DKIM/DomainKeys signatures.

    Since it doesn't involve changing exim you can get back easily or (when new Cpanel will be out) forget about dkimproxy

    Before you start:

    1) Installation involves shell access as root, so if you don't have it or don't feel comfortable, then you have to wait for updates from Cpanel. If you're like me using Windows, then use putty for shell access (search google).
    To make your life easier in shell environment, install Midnight Commander file manager (Midnight Commander - Wikipedia, the free encyclopedia) on your server. You'll forget about pain related to cp and cd commands. It supports mouse. If you're old enough like me, then you immediately recognize the famous Norton commander. Anyway, using mc any installation is much easier

    2) You will need to edit exim.conf. It can be done via Cpanel editor, or manually.

    3) YOU NEED TO MAKE BACKUP COPIES OF EVERY CONFIGURATION FILE. I'm sure if everything fail, you can reinstall exim back via Cpanel, but you better keep backups.

    4) You have to have access to your DNS to change/add records.

    5) If you use automatic Cpanel updating, then Cpanel may over-write your config files.

    The procedure itself:

    1) Follow up this very detailed instructions.

    Setting up DKIMProxy on a cPanel Server - errorCodex - Computer Questions & Solutions Forum

    The only difference I found is location of perl modules (,, etc)

    In this manual they're put into /usr/lib/ and /usr/lib/MSDW/SMTP

    In my case I had to put them into /usr/lib/perl5/5.8.8. Othewrwise, dkimproxy doesn't start. You can make symbolic links to them. You will see error messages when starting dkimproxy. Don't sweat, just try few locations. Look where other Perl modules are located

    Also, they suggest to use "default" as your selector in dkimproxy config file. These selector are used to select . You can change them laterDNS records to sepearte different users, domains, etc

    Everything else went perfect.

    2) Send email to to verify your setup.
    Another place to verify is Brandon Checketts

    These tests validate everything, DKIM, DomainKeys, SPF records (you can setup them as well, using SPF: Project Overview)

    3) After you're satisfied with the results, go to DNS records and open it

    You will see record something like that (setup by Cpanel):

    default._domainkey in txt "k=rsa;"

    Everything after p= and to the end is you public key. You will need it to create dkim record.

    Another way to get it is to generate public key from your private key (private key location is in dkimproxy config file) using this shell command:

    openssl rsa -in private.key -pubout -out public.key

    But copying it from DNS record is easier

    4) Go to DKIM DNS Record Creation Tool and create DNS dkim record, using same public key you got from previous step. generate dkim record and update your DNS

    Make sure to use the same selector as you used in dkimproxy_out.conf

    5) Add record to your DNS

    _adsp._domainkey.YOUR_DOMAIN.TLD IN TXT "dkim=unknown"

    Where YOURDOMAIN.TLD is your domain.

    See here for more explanation and options:

    Author Domain Signing Practices - Wikipedia, the free encyclopedia

    This is all.


    1) I didn't setup to check incoming mail. You can find more info here

    WPKG Blog » Blog Archive » Setting up DKIMproxy with Exim for DKIM and DomainKeys signing

    and here

    dkimproxy.out - SMTP proxy for adding DKIM signatures to email

    2) You can use selectors in DNS records and dkimproxy to create different signatures for different domans, email addreesses, etc


Share This Page