DMARC reports showing DKIM fail from Google, Yahoo, AOL, LinkedIn and Comcast

[dld]

I've been trying for weeks now to get my SPF and DKIM setup and working properly for full DMARC compliance.

SPF is now working correctly in all cases (except for occasional forwards). Woohoo!

However, DKIM continues to fail in all cases.

Since DMARC only requires SPF or DKIM to produce a "pass" result, that's okay most of the time.

On the other hand, since there are occasional SPF fail as well with forwards, I really want to get DKIM into the "pass" column ASAP.

In each case, the reports I get from Google, Yahoo, AOL, LinkedIn, and Comcast all show "pass" under SPF with the detected domain being listed correctly in the report from each email vendor.

Also in each case, the report shows "fail" under DKIM with the detected domain being listed as "none" in all cases.

When I test DKIM at mxtoolbox.com, it successfully returns my DKIM settings and does not report any issues.

When I test DKIM by sending a test email to [email protected]25.com I get a report back that says SPF is "pass" while DKIM is "neutral".

When I use appmaildev.com to request a test, it again reports SPF is working fine, but for DKIM it says, "DKIM result: none (no signature)".

Anyone know what's going on and how to fix this?

 

[mtindor]

If it's a 2048-bit or larger key, you might have problems with how it is entered in the DNS zone file. Are the authoritative nameservers for the domains in question the nameserver(s) configured in your WHM (your local server). Or are the DNS zones external (on some other nameservers, or at GoDaddy, NetSol, Enom, etc)?

If you are using 2048-bit or larger keys you are going to have to make sure that they are in the DNS zone correctly. The key length is too long for the TXT record field and ends up needing to be split up.

Mike

 

[cPanelMichael]

Hello

Could you elaborate on how you have configured DKIM for this domain name?

Thank you.