Enable DKIM behind NAT with smarthost

BeSafe

Registered
Mar 12, 2014
2
0
1
cPanel Access Level
DataCenter Provider
Hello guys,
I want to enable DKIM but I have a question..

1) My Cpanel machine is behind NAT
2) Every zone/user has a mx record that point to a smarthost (antispam relay)

If I try to use the "Email Authentication" It seems that all the keys and all the DNS stuff were generated starting with the DNS records pointing to the public ip of the cpanel and not to the MX. Is this correct ?

Many thanks in advance.
 

vanessa

Well-Known Member
PartnerNOC
Sep 26, 2006
833
28
178
Virginia Beach, VA
cPanel Access Level
DataCenter Provider
The SPF record should contain the IP that email is being sent from. This may or many not be the same as the MX record (MX records only apply to incoming email, not outgoing). If you're not sure, send an email from one of these accounts and check the headers to see what IP it was sent from. Whoever your SMTP provider is should be able to provide you with the correct SPF records.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

You mentioned setting up a smart host through the DNS Zone. Have you also setup a smart host using the option provided under the "Mail" tab in the "Exim Configuration Manager"? The following post might be helpful if attempting to enable DKIM with your smart host configuration:

DKIM with Smart Host

Thank you.
 

BeSafe

Registered
Mar 12, 2014
2
0
1
cPanel Access Level
DataCenter Provider
[cut]
Have you also setup a smart host using the option provided under the "Mail" tab in the "Exim Configuration Manager"?
NO,I've modified the file exim.conf.local

cat exim.conf.local
@[email protected]
smart_route:
driver = manualroute
domains = !+local_domains
transport = remote_smtp
route_list = * xxx.xxx.xxx.xxx

Where xxx is the Ip of the smarthost.

The following post might be helpful if attempting to enable DKIM with your smart host configuration:

DKIM with Smart Host
Nice ! But if I change the transport from "remote_smtp" to "dkim_remote_smtp" I will encounter problems with domains that haven't the DKIM setup ?

Many thanks in advance !
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Nice ! But if I change the transport from "remote_smtp" to "dkim_remote_smtp" I will encounter problems with domains that haven't the DKIM setup ?
Could you elaborate on what type of problems? Do you mean that not all of your domain names use DKIM?

Thank you.