• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • The ImunifyAV extension is now deprecated and no longer available for installation.
    Existing ImunifyAV installations will continue operating for three months, and after that will automatically be replaced with the new Imunify extension. We recommend that you manually replace any existing ImunifyAV installations with Imunify at your earliest convenience.

Resolved DKIM for domain alias when Synchronized DNS using MailEnable

A

andysuch

New Pleskian
Server operating system version
Windows Server 2022
Plesk version and microupdate number
18.0.60 #1
I have a main domain and a number of alias domains (34) for this main domain, each alias is used to show a branded version of the website. Each domain can send email using the alias domain address.

Each alias has:
Synchronize DNS zone with the primary domain: ON
Mail service: ON
Web service: ON

1716906660227.png

Beacause the DNS records are syncronised the DKIM record is the same for all alias domains.

When I enable DKIM in Plesk, only the main domain has DKIM signing active, all the alias domains do not.

When I check Mailenable Managment Console, plesk has only enabled DKIM on the main domain.

If I enable DKIM on an alias via MailEnable, the DNS TXT key record is different to the record for the main domain, but because the DNS zones for alias are syncronised I cant edit the DNS record of an alias to change the DNS TXT record.

I could switch off Synchronize DNS zone for all the alias domains, currently I have 34 alias domains, this will grow over time, then set the DKIM manually for each alias, but if I do this then everytime I make a DNS change on the main domain I would need to do this on all alias domains which would take a long time.

Is there any way around this keeping the DNS zones syncronised?

Thanks.
 
Should anyone need a workround for this situation I have found something that works until I can implement something better.

Configure DKIM for main domain via Plesk interface
Enable DKIM for each domain alias via MailEnable managamnet console.
Make the selector the same as the domain name alias.
Create a new DNS DKIM TXT key record on the main domain for each alias copying the TXT record data that is generated by MailEnable.

This appears to work and means I can still keep all alias domains DNS syncronised.

eg.

maindomain.com - DKIM configured via plex console

alias1.com - alias1.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias2.com - alias2.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias3.com - alias3.com_domainkey.maindomain.com - DNS TXT from MailEnable
 
andysuch said:
Should anyone need a workround for this situation I have found something that works until I can implement something better.

Configure DKIM for main domain via Plesk interface
Enable DKIM for each domain alias via MailEnable managamnet console.
Make the selector the same as the domain name alias.
Create a new DNS DKIM TXT key record on the main domain for each alias copying the TXT record data that is generated by MailEnable.

This appears to work and means I can still keep all alias domains DNS syncronised.

eg.

maindomain.com - DKIM configured via plex console

alias1.com - alias1.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias2.com - alias2.com_domainkey.maindomain.com - DNS TXT from MailEnable
alias3.com - alias3.com_domainkey.maindomain.com - DNS TXT from MailEnable
Click to expand...
Hi, thanks for that proposal.
I tried it in different ways, but it does not work. I always get a "DKIM=fail" in mail header of the recipient.

I try to figure out my problem:

maindomain.com - all is working, DKIM=pass
default._domainkey.maindomain.com : v=DKIM1; p=MIG.....public-key-maindomain.com......
I added more TXT-entries
alias1.com_domainkey.maindomain.com - v=DKIM1; p=MIG.....public-key-maindomain.com.....
alias2.com_domainkey.maindomain.com - v=DKIM1; p=MIG.....public-key-maindomain.com.....

did not work.
Tried to use an additional dot just before _domainkey - (alias2.com._domainkey.maindomain.com)
did not work either

Deleted those TXT-entries for the alias1.com and alias2.com

Next try:
Added a CNAME-entry
mykey._domainkey.alias1.com : mykey._domainkey.maindomain.com
and a TXT entry
mykey._domainkey.maindomain.com : v=DKIM1; p=MIG.....public-key-alias1.com......
The recipient is getting a public key, I can't judge whether it is p=MIG.....public-key-alias1.com...... or p=MIG.....public-key-maindomain.com.....
but still DKIM=fail

I think, the problem is, that the sender has [email protected] and the mailserver is mail.maindomain.com
But I don't know how to avoid that mismatch.

Anyone has an idea?
 
You must log in or register to reply here.

Similar threads

E
Issue dkim=neutral reason="invalid (public key: not available)"
Replies
1
Views
516
Raul A.
R
J
Resolved DOMAIN ALIAS - Emails not being forwarded
Replies
1
Views
692
Sebahat.hadzhi
Sebahat.hadzhi
H
Resolved DKIM Signature missing external DNS
Replies
1
Views
644
hapepe
H
J
Issue Domain Alias - Mail not forwarded
Replies
7
Views
869
cento
C
P
Forwarded to devs DKIM signing records/instructions are outdated
Replies
6
Views
1K
Sebahat.hadzhi
Sebahat.hadzhi
Back
Top