• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved DKIM default settings for new subscriptions

TorbHo

TorbHo

Basic Pleskian
Server operating system version
Ubuntu 22 LTS
Plesk version and microupdate number
Version 18.0.51 Update #1
Hi,

I just discovered that the default DKIM settings for new subscriptions changed in Plesk. Was this changed by a recent update?

Some time ago, when I created a new subscription, DKIM for outgoing mails was deactivated by default. Since we use an external DNS Server, this was great. If there was a demand for DKIM, we could activate this for just this single subscription/domain.

But now it seems, that DKIM is activated by default. Can we change this behavior somehow? Just for newly created subscriptions.
 
DKIM is enabled by default for all new domains since Plesk 18.0.50, published January 31st, 2023. It is an almost unavoidable change as some large mail providers such as GMail recently introduced strict SPF and DKIM requirements. Mails without such verification are no longer delivered to GMail users for example. AFAIK there is no option to disable DKIM by default.
 
Thank you.

We will implement DKIM in the future. By now, I'm just looking for a quick solution for this problem.

I know, that I can disable DKIM for all domains with:
for domain in $(plesk db -Ne 'SELECT name FROM domains WHERE parentDomainId=0;'); do plesk bin domain_pref --update $domain -sign_outgoing_mail false; done
Click to expand...

But how can I do that for newly created Domains, only.
I'm thinking about a script via event manager, which runs after a new domain has just been created.
 
I would like to add that DKIM is only enabled by default if BIND is installed and Plesk DNS is used. For that case there is no obvious reason why DKIM should not be activated. On servers where Plesk DNS is not installed, DKIM remains disabled.
 
We would like to enable DKIM, but for specific domains only, but we use an external DNS Service.
That is why we have enabled BIND, so that we can insert the Plesk-given DKIM signature manually.
 
Why are BIND and local Plesk DNS needed if DNS of the domains is managed at an external DNS server?
 
For DKIM.
If it is not needed, how do I get the public key, which is to be added to the DNS-records? And how are the Mails signed which are sent through the Plesk server, if DKIM is switched off?
 
After you enable DKIM in the "Mail Settings" of a subscription to the right end of that line a link shows up where you can see the DKIM key records that need to be added to external DNS.

Only mails sent through SMTP login are DKIM signed. For mails sent through other functions, e.g. web server PHP, a feature request exists
plesk.uservoice.com

Add DKIM-key in php mail() function

When DKIM is activated, the key isn't added when you use the PHP mail() function, for example if you have a contact form on the website. Please add because this generates false SPAM-detection problems. Google for example thinks it's strange that sometimes the DKIM key is added and sometimes not...
plesk.uservoice.com
 
So, if I understand correctly, this DKIM option in "Mail Settings" is still there, if I uninstall BIND on this server?
I thought you could only select it, if BIND is installed and accessible.
 
Hello,

the bind is installed on our systems e.g. to get clean RBL and is deactivated for customer access. There is no connection to the DNS servers of the customer domains, so uninstalling bind is not an option. Here would have been the possibility in the panel or in the panel.ini to say yes make for new account DKIM or not the better option. Is there maybe even something for this ?
 
Enabling DKIM signing by default was a frequently requested user feature, because nowadays many big mail providers evaluate DKIM. So it was done in the scope of Enable Mail DKIM signing by default

If you would like to have a panel.ini setting by which you can configure whether DKIM is auto-activated or not, please create a feature request for that on Feature Suggestions: Top (1794 ideas) – Your Ideas for Plesk

As a workaround you can also create an event in Plesk that configures DKIM when a new domain is being created. To do that,

1) Create text file "auto_dkim.sh" (or another name of your choice) and give it executable permissions.
touch /root/auto_dkim.sh && chmod 755 /root/auto_dkim.sh

2) Store into the file:
Code: 
#!/bin/sh
/usr/local/psa/bin/domain_pref --update ${NEW_DOMAIN_NAME} -sign_outgoing_mail false

3) Login to Plesk GUI and go to Tools & Settings > Event Manager

4) Add a new event with these settings:
Event: Physical hosting created
Priority: 0 (lowest)
User: root
Command: /root/auto_dkim.sh
 
odd question:
for a domain, if I disable mail.
Then enable email, will I need to regenerate DKIM?
I see the button to do that, but what is the "selector name" ?
does the actual name have significance?
 
You must log in or register to reply here.

Similar threads

QWeb Ric
Issue Wrong DKIM signature after migration
Replies
2
Views
145
QWeb Ric
QWeb Ric
W
Issue Problems with changing Domain IP address.
Replies
0
Views
128
wyga
W
H
Resolved Plesk change DKIM signature when reload or saving the "Mail Settings for domain.tld" page
Replies
12
Views
3K
AYamshanov
AYamshanov
P
Outgoing email messages not DKIM signed when enabled for a domain and in server settings
2
Replies
20
Views
5K
enerspace
enerspace
B
Issue Default Page Certificate issue (no new cert)
Replies
1
Views
820
Peter Debik
P
Back
Top