Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Help with DKIM setup on multiple domains

Discussion in 'E-mail Discussion' started by Mike Keller, Jun 13, 2019 at 12:03 PM.

Tags:
  1. Mike Keller

    Mike Keller Registered

    Joined:
    Apr 3, 2019
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Castro Valley, CA
    cPanel Access Level:
    Root Administrator
    Hi there,

    Sorry this is long,


    I am having trouble setting up DKIM and having it work correctly for one of my clients example.com

    Here is the scenario:

    I have example.com hosted at a2 on a shared hosting account.
    Their dns is hosted at EasyDns
    I have a managed VPS hosted with A2 as well.

    On the managed VPS, I have an email application called example.net hosted which sends monthly newsletters to the example.com members.

    I have DKIM setup for the domain example.net and emails that go out from it do indeed pass SPF and DKIM however when they arrive to a gmail or outlook address, they will have “via example.net” next to the Sender name. I am sure this is because the “From” domain does not match the sender’s domain address. (in this case lmadal@example.com).

    What I tried doing:

    I added the domain example.com in cpanel on the VPS where emailapplication resides. I then went into email deliverability and generated the DKIM key.
    I then went to EasyDNS and entered the DKIM record as per the instructions. You can see it setup here: Network Tools: DNS,IP,Email
    I verified in cpanel that the DKIM was valid and sent a test email to my gmail address (mikek@mnl.com), and to an example.com (someusr@example.com)address to check results. This email has the sender setup as lmadal@example.com.

    The gmail address came through with passing both SPF and DKIM however it is still using the emailapplication DKIM key instead of the new one therefor still shows “via example.net” next to the Sender name.

    Here are the Auth results in gmail headers:

    Code:
    ARC-Authentication-Results: i=1; mx.google.com;
    dkim=pass header.i=@example.net header.s=default header.b=BPovsQzJ;
    spf=pass (google.com: domain of 451459634-15397-3@example.net designates xx.xx.xxx.xxx as permitted sender) smtp.mailfrom=451459634-15397-3@example.net
    Return-Path: <451459634-15397-3@example.net>
    Received: from example.net (example.net. [xx.xx.xxx.xxx])
    by mx.google.com with ESMTPS id s187si2062947pfb.255.2019.06.12.22.54.02
    for <mikek@mnl.com>
    (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
    Wed, 12 Jun 2019 22:54:03 -0700 (PDT)
    Received-SPF: pass (google.com: domain of 451459634-15397-3@example.net designates xx.xx.xxx.xxx as permitted sender) client-ip=xx.xx.xxx.xxx;
    Authentication-Results: mx.google.com;
    dkim=pass header.i=@example.net header.s=default header.b=BPovsQzJ;
    spf=pass (google.com: domain of 451459634-15397-3@example.net designates xx.xx.xxx.xxx as permitted sender) smtp.mailfrom=451459634-15397-3@example.net
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=example.net; s=default; h=Message-Id:From:Subject:Date:Reply-To:To:
    
    
    The outlook email address (someusr@example.com) bounced with the following message in exim logs:

    Code:
    2019-06-12 22:54:02 1hbIgU-00063x-4t <= 451459635-21479341-31944015@example.net H=(localhost) [127.0.0.1]:36734 P=esmtp S=109390 T="April Newsletter" for someusr@example.com
    2019-06-12 22:54:02 1hbIgU-00063x-4t ** emailapplication@xx.xx.xxx.xxx.static.example.com <someusr@example.com> R=fail_remote_domains: The mail server could not deliver mail to emailapplication@xx.xx.xxx.xxx.static.example.com. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
    
    For the time being I have removed the example.com domain form the VPS because with this setup, the members that have that domain address will all bounce upon sending.

    Am I doing this correctly, or is there an additional step I am missing?

    Please help and let me know if you need any further details.

    Thank you.

    Mike Keller
     
    #1 Mike Keller, Jun 13, 2019 at 12:03 PM
    Last edited by a moderator: Jun 14, 2019 at 2:45 PM
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,124
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    I don't think DKIM is the issue with this based on a couple of things:


    1. This shows the DKIM passes validation:
    Code:
    dkim=pass header.i=@example.com header.s=default header.b=BPovsQzJ;
    
    
    2. This shows the delivery is going to a mailbox that may not exist: emailapplication@xx.xx.xxx.xxx.static.example.com - is that a valid email address?

    Code:
    R=fail_remote_domains: The mail server could not deliver mail to emailapplication@xx.xx.xxx.xxx.static.example.com. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 cPanelLauren, Jun 13, 2019 at 4:27 PM
    Last edited by a moderator: Jun 14, 2019 at 2:42 PM
  3. Mike Keller

    Mike Keller Registered

    Joined:
    Apr 3, 2019
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Castro Valley, CA
    cPanel Access Level:
    Root Administrator


    Thanks for replying. Fixed the bounce issue by having to set themail routing for the example.com domain on the VPS to remote.

    However yes the dkim auth passes but it still is using the emailapplication dkim signature vs the example.com one. Is there any help you can give to get it to use the mycompany dkim signature when the from address is example.com?

    Basically, I need to somehow tell EXIM to dynamically sign the messages depending on the From address.

    Like;

    If domain exists on VPS for the from domain, use that domain's DKIM sig, else use the default example.net DKIM sig.

    I have been everywhere on the web looking for a solution. I believe SendGrid does this somehow but I have no idea who to contact for help.

    Thank you for any help you can give.

    Mike
     
    #3 Mike Keller, Jun 14, 2019 at 11:47 AM
    Last edited by a moderator: Jun 14, 2019 at 2:41 PM
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice