Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

DMARC reports showing DKIM fail from Google, Yahoo, AOL, LinkedIn and Comcast

Discussion in 'E-mail Discussion' started by dld, Jan 31, 2016.

  1. dld

    dld Member

    Joined:
    Apr 18, 2006
    Messages:
    12
    Likes Received:
    4
    Trophy Points:
    153
    I've been trying for weeks now to get my SPF and DKIM setup and working properly for full DMARC compliance.

    SPF is now working correctly in all cases (except for occasional forwards). Woohoo!

    However, DKIM continues to fail in all cases.

    Since DMARC only requires SPF or DKIM to produce a "pass" result, that's okay most of the time.

    On the other hand, since there are occasional SPF fail as well with forwards, I really want to get DKIM into the "pass" column ASAP.

    In each case, the reports I get from Google, Yahoo, AOL, LinkedIn, and Comcast all show "pass" under SPF with the detected domain being listed correctly in the report from each email vendor.

    Also in each case, the report shows "fail" under DKIM with the detected domain being listed as "none" in all cases.

    When I test DKIM at mxtoolbox.com, it successfully returns my DKIM settings and does not report any issues.

    When I test DKIM by sending a test email to check-auth@verifier.port25.com I get a report back that says SPF is "pass" while DKIM is "neutral".

    When I use appmaildev.com to request a test, it again reports SPF is working fine, but for DKIM it says, "DKIM result: none (no signature)".

    Anyone know what's going on and how to fix this?
     
    #1 dld, Jan 31, 2016
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,344
    Likes Received:
    58
    Trophy Points:
    178
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    If it's a 2048-bit or larger key, you might have problems with how it is entered in the DNS zone file. Are the authoritative nameservers for the domains in question the nameserver(s) configured in your WHM (your local server). Or are the DNS zones external (on some other nameservers, or at GoDaddy, NetSol, Enom, etc)?

    If you are using 2048-bit or larger keys you are going to have to make sure that they are in the DNS zone correctly. The key length is too long for the TXT record field and ends up needing to be split up.

    Mike
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 mtindor, Feb 1, 2016
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,809
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    Could you elaborate on how you have configured DKIM for this domain name?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 cPanelMichael, Feb 2, 2016
(You must log in or sign up to post here.)
Loading...
Similar Threads - DMARC reports showing
  1. pstretch

    DMARC record keeps breaking by itself

    pstretch, Jul 9, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    152
    cPanelLauren
    Jul 12, 2018
  2. Bashed

    Gmail DMARC Policy Issue

    Bashed, Jul 6, 2018, in forum: E-mail Discussion
    Replies:
    4
    Views:
    328
    rpvw
    Jul 6, 2018
  3. rpvw

    Restart of pdns required after adding _dmarc

    rpvw, May 21, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    1
    Views:
    154
    cPanelLauren
    May 22, 2018
  4. globcom

    You don't have DMARC record error

    globcom, May 21, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    326
    cPanelLauren
    May 21, 2018
  5. Spork Schivago

    Need help Setting up more than one DMARC record.

    Spork Schivago, Apr 29, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    8
    Views:
    301
    Spork Schivago
    May 4, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice