Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

DMARC reports showing DKIM fail from Google, Yahoo, AOL, LinkedIn and Comcast

Discussion in 'E-mail Discussion' started by dld, Jan 31, 2016.

  1. dld

    dld Member

    Apr 18, 2006
    Likes Received:
    Trophy Points:
    I've been trying for weeks now to get my SPF and DKIM setup and working properly for full DMARC compliance.

    SPF is now working correctly in all cases (except for occasional forwards). Woohoo!

    However, DKIM continues to fail in all cases.

    Since DMARC only requires SPF or DKIM to produce a "pass" result, that's okay most of the time.

    On the other hand, since there are occasional SPF fail as well with forwards, I really want to get DKIM into the "pass" column ASAP.

    In each case, the reports I get from Google, Yahoo, AOL, LinkedIn, and Comcast all show "pass" under SPF with the detected domain being listed correctly in the report from each email vendor.

    Also in each case, the report shows "fail" under DKIM with the detected domain being listed as "none" in all cases.

    When I test DKIM at, it successfully returns my DKIM settings and does not report any issues.

    When I test DKIM by sending a test email to I get a report back that says SPF is "pass" while DKIM is "neutral".

    When I use to request a test, it again reports SPF is working fine, but for DKIM it says, "DKIM result: none (no signature)".

    Anyone know what's going on and how to fix this?
  2. mtindor

    mtindor Well-Known Member

    Sep 14, 2004
    Likes Received:
    Trophy Points:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    If it's a 2048-bit or larger key, you might have problems with how it is entered in the DNS zone file. Are the authoritative nameservers for the domains in question the nameserver(s) configured in your WHM (your local server). Or are the DNS zones external (on some other nameservers, or at GoDaddy, NetSol, Enom, etc)?

    If you are using 2048-bit or larger keys you are going to have to make sure that they are in the DNS zone correctly. The key length is too long for the TXT record field and ends up needing to be split up.

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you elaborate on how you have configured DKIM for this domain name?

    Thank you.
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice