The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DomainKeys exception

Discussion in 'E-mail Discussions' started by oscarenzo, Jun 17, 2014.

  1. oscarenzo

    oscarenzo Member

    Joined:
    Nov 16, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    I have a doubt, is possible create a exception in at hosting account for one external domain?, i mean that if is possible that check DKIM for all the external domains but when arrive from this source just skip.

    I have in the main server enable the option for DKIM check and in the hosting account also.

    Thank you.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    In "WHM Home » Service Configuration » Exim Configuration Manager", under the "Access Lists" tab, you can try adding the domain name to:

    "Only-verify-recipient"

    Thank you.
     
  3. oscarenzo

    oscarenzo Member

    Joined:
    Nov 16, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello Michael,

    Thank you by your reply, i added the IP address of the forward server in "Trusted SMTP IP addresses" and "Sender verification bypass IP addresses" is not the same that "Only-verify-recipient"?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    You can click on the "?" icon next to see option to see a description:

    Sender verification bypass IP addresses
    IP addresses for which to bypass SMTP-time sender verification checks


    Only-verify-recipient
    Hosts or IP addresses that should be exempt from all spam checks at SMTP time, except recipient verification. Hosts or IP addresses you enter here are stored in /etc/trustedmailhosts.


    Trusted SMTP IP addresses
    IP addresses exempt from all SMTP sender, recipient, spam, and relaying checks. IP addresses you enter here are stored in /etc/skipsmtpcheckhosts. These senders must still use an RFC-compliant HELO name if the Require RFC-compliant HELO setting is enabled.


    Thank you.
     
  5. oscarenzo

    oscarenzo Member

    Joined:
    Nov 16, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi i read it, by this my doubt because not have clear, i'm running scrollout with cpanel as main server, but the emails resended by scrollout had bounced by dkim in the domain, by this my ask, somebody are working with both platforms also?

    thank you by advance.
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  7. oscarenzo

    oscarenzo Member

    Joined:
    Nov 16, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    yes sure:

    have a main server with cpanel/whm
    main.server.tld

    by other side i have a vps with scrollout
    scrollout.domain.tld

    then a hosting account myprotecteddomain.tld, when the mx 0 is pointing to scrollout.domain.tld, and have configured a quarantine inbox locate in the main.server.tld with domain quarantinedomain.tld.

    In the main.server.tld i have enable this options:

    Allow DKIM verification for incoming messages
    Reject DKIM failures

    when scrollout.domain.tld resend emails to the quarantine inbox, the main.server.tld bounce as dkim, this message show dkim log:

    Jun 19 22:09:21 scrollout postfix/smtp[10877]: 3gvZ4074WQz11HR: to=collector@quarantinedomain.tld, relay=quarantinedomain.tld[xx.xx.xx.xx]:25, delay=0.22, delays=0/0/0.15/0.06, dsn=5.0.0, status=bounced (host quarantinedomain.tld[xx.xx.xx.xx] said: 550-DKIM: encountered the following problem validating myprotecteddomain.tld: 550 pubkey_unavailable (in reply to end of DATA command))

    by this from scroll out advice to me add exeption for all email check from scrollout server, i added the IP and hostname on:

    Sender verification bypass IP addresses [?]
    Only-verify-recipient [?]
    Trusted SMTP IP addresses [?]

    And still blocking the emails, from whm when i disable the option:

    Reject DKIM failures [?]
    work as well, then if i disable this option when the cpanel account enable it, will not block the emails with dkim configuration faill right?
     
  8. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,852
    Likes Received:
    675
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    The option in cPanel is for enabling DKIM on your outgoing email. The option in your Exim Configuration Manager is to verify DKIM records on incoming email. I suggest disabling the option in WHM if it's rejecting the legitimate email, as otherwise you would have to develop a custom ACL to exclude certain domain names from the DKIM check if the existing whitelist options are not helpful.

    Thank you.
     
Loading...

Share This Page