The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Signing email with exim and dkim

Discussion in 'E-mail Discussions' started by Pascal Pharand, Oct 17, 2016.

Tags:
  1. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Hi everyone,

    I seem to have a problem signing outgoing emails with dkim. I have created an account and activated the dkim and spf. I have updated my domain DNS with both but I cannot get dkim to work. If send email with wordpress or for example horde, exim does not sign the emails. Hotmail and the others all say that dkim=none. The spf pointer on the other hand seems to be working properly and pass validation. Note that the server from which I manage that account is not the main DNS server. Is there anything special I need to do ?

    CENTOS 6.8 x86_64 standard
    WHM 60.0 (Build 4)
    Host : iWeb

    Any help would be appreciated.
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Do you see any issues with the domain when checking it with a site like intodns.com?
     
  3. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Doesn't seem to be any errors. Some warning :

    Different subnets WARNING: Not all of your nameservers are in different subnets
    Different autonomous systems WARNING: Single point of failure
    SOA EXPIRE Your SOA EXPIRE number is: 3600000. That is NOT OK

    Otherwise everything else as a green checkmark.
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Silly question I suppose, but is this the order you did things exactly? Seems backwards so I'm asking.
     
  5. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Yes this is the order I used if I remember well. I created the account, activated the dkim and spf and then updated the dns records. If I use Tools - mail-tester.com everything checks out. I get the spf pointer and the dkim public key. I have also checked the /var/cpanel/domain_keys/public/mydomain public keys are matching as well.
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    How long ago did you make the changes? Might it be that your DNS changes need to propagate?
     
  7. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    last friday. Dns should have propagated by now. The dkim does not even fail exim just doesn't sign the emails at all. anyway what i'm playing with right now is a subdomain. for example my main domain is example.ca and the subdomain is portailclinique.example.ca. Since it is not signing i'll try to restart from the beginning. Backup my data and db and recreate the account from zero. I might have missed something while setting up the account or improperly setted it up.
     
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Not sure if redoing everything is of any use here.

    From mxtoolbox:
     
  9. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Yes basically it didn't help at the moment. I recreated the account and used the new dkim generated but exim doesn't sign the emails. I'll take a look at the reverse pointer.
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    These docs may be of some use to you:
    kb.iweb.com/entries/22038828-Configuring-Reverse-DNS-Control-Center-or-Customer-Hub-
     
  11. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Yes the dns where properly working in the DNS zone but neither hotmail nor gmail see any dkim signature. Google passes dmarc and spf record. Hotmail tells me that spf passes but both gives me dkim=none. As if the signature was not added by exim for some reason.
     
  12. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    * meant reverse dns pointer.
     
  13. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Not sure if this is of any use, but are you testing hotmail using a blank email?
    answers.microsoft.com/en-us/outlook_com/forum/oemail-osend/hotmail-deems-my-business-emails-as-dkimfail-all/ad2e7d37-4a1e-4bd4-b8d0-c5ad76d82d52

     
  14. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    No i'm using wordpress to send messages by creating a user with my email. The message is not blank it has a subject and a body with some links. It does not fail dkim it just gives me dkim=none :

    CMM-Authentication-Results: hotmail.com; spf=pass (sender IP is
    0.0.0.0; identity alignment result is pass and alignment mode is
    relaxed) smtp.mailfrom=myuser@majeur.example.ca; dkim=none (identity
    alignment result is pass and alignment mode is relaxed)
    header.d=portailclinique.example.ca; x-hmca=pass
    header.id=wordpress@portailclinique.myexample.ca
     
  15. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    So, you're using the SMTP setup in wordpress with a proper email account's credentials? Does it work if you use the main domain instead of the sub.domain?
     
  16. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    No smtp setup. Just using sendmail by default.
     
  17. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    ok that's new... squirrelmail just signed the email with dkim and it passed... that's odd and mail sent by wordpress does not.
     
    #17 Pascal Pharand, Oct 17, 2016
    Last edited: Oct 17, 2016
  18. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    I`ve configured Wordpress to use smtp instead of sendmail. I was finally able to sign the emails with the proper dkim signature. Although the signature needs specifically coming from a particular email address.
     
  19. Pascal Pharand

    Joined:
    Oct 17, 2016
    Messages:
    12
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Quebec, Canada
    cPanel Access Level:
    Root Administrator
    Thanks for your help. I`ve been able to sign my emails properly.
     
    Infopro likes this.
  20. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,455
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Happy to hear you got it going. :)
     
Loading...

Share This Page