• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved DKIM for domain alias when Synchronized DNS using MailEnable

A

andysuch

New Pleskian
Server operating system version
Windows Server 2022
Plesk version and microupdate number
18.0.60 #1
I have a main domain and a number of alias domains (34) for this main domain, each alias is used to show a branded version of the website. Each domain can send email using the alias domain address.

Each alias has:
Synchronize DNS zone with the primary domain: ON
Mail service: ON
Web service: ON

1716906660227.png

Beacause the DNS records are syncronised the DKIM record is the same for all alias domains.

When I enable DKIM in Plesk, only the main domain has DKIM signing active, all the alias domains do not.

When I check Mailenable Managment Console, plesk has only enabled DKIM on the main domain.

If I enable DKIM on an alias via MailEnable, the DNS TXT key record is different to the record for the main domain, but because the DNS zones for alias are syncronised I cant edit the DNS record of an alias to change the DNS TXT record.

I could switch off Synchronize DNS zone for all the alias domains, currently I have 34 alias domains, this will grow over time, then set the DKIM manually for each alias, but if I do this then everytime I make a DNS change on the main domain I would need to do this on all alias domains which would take a long time.

Is there any way around this keeping the DNS zones syncronised?

Thanks.
 
Should anyone need a workround for this situation I have found something that works until I can implement something better.

Configure DKIM for main domain via Plesk interface
Enable DKIM for each domain alias via MailEnable managamnet console.
Make the selector the same as the domain name alias.
Create a new DNS DKIM TXT key record on the main domain for each alias copying the TXT record data that is generated by MailEnable.

This appears to work and means I can still keep all alias domains DNS syncronised.

eg.

maindomain.com - DKIM configured via plex console

alias1.com - alias1.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias2.com - alias2.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias3.com - alias3.com_domainkey.maindomain.com - DNS TXT from MailEnable
 
andysuch said:
Should anyone need a workround for this situation I have found something that works until I can implement something better.

Configure DKIM for main domain via Plesk interface
Enable DKIM for each domain alias via MailEnable managamnet console.
Make the selector the same as the domain name alias.
Create a new DNS DKIM TXT key record on the main domain for each alias copying the TXT record data that is generated by MailEnable.

This appears to work and means I can still keep all alias domains DNS syncronised.

eg.

maindomain.com - DKIM configured via plex console

alias1.com - alias1.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias2.com - alias2.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias3.com - alias3.com_domainkey.maindomain.com - DNS TXT from MailEnable
Click to expand...
Hi, thanks for that proposal.
I tried it in different ways, but it does not work. I always get a "DKIM=fail" in mail header of the recipient.

I try to figure out my problem:

maindomain.com - all is working, DKIM=pass
default._domainkey.maindomain.com : v=DKIM1; p=MIG.....public-key-maindomain.com......
I added more TXT-entries
alias1.com_domainkey.maindomain.com - v=DKIM1; p=MIG.....public-key-maindomain.com.....
alias2.com_domainkey.maindomain.com - v=DKIM1; p=MIG.....public-key-maindomain.com.....

did not work.
Tried to use an additional dot just before _domainkey - (alias2.com._domainkey.maindomain.com)
did not work either

Deleted those TXT-entries for the alias1.com and alias2.com

Next try:
Added a CNAME-entry
mykey._domainkey.alias1.com : mykey._domainkey.maindomain.com
and a TXT entry
mykey._domainkey.maindomain.com : v=DKIM1; p=MIG.....public-key-alias1.com......
The recipient is getting a public key, I can't judge whether it is p=MIG.....public-key-alias1.com...... or p=MIG.....public-key-maindomain.com.....
but still DKIM=fail

I think, the problem is, that the sender has [email protected] and the mailserver is mail.maindomain.com
But I don't know how to avoid that mismatch.

Anyone has an idea?
 
You must log in or register to reply here.

Similar threads

P
Question dmarc, spf, dkim setup problem
Replies
2
Views
300
PeterKi
P
G J Piper
Resolved SSL It! Let's Encrypt Not Issuing Certificate on MX-only Domain
Replies
8
Views
515
G J Piper
G J Piper
E
Issue dkim=neutral reason="invalid (public key: not available)"
Replies
1
Views
706
Raul A.
R
J
Resolved DOMAIN ALIAS - Emails not being forwarded
Replies
1
Views
854
Sebahat.hadzhi
Sebahat.hadzhi
H
Resolved DKIM Signature missing external DNS
Replies
1
Views
811
hapepe
H
Back
Top