• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved DKIM problems with email marked as spam

TomP

TomP

Basic Pleskian
I have DKIM turned on server wide, and also on the domain I'm sending from. I have run checks on the domain, and they report everything is good. The domain in question I'm sending from is brendajackson.net.
I keep getting reports that the mail isn't getting through, so I sent a copy of the newsletter to http://isnotspam.com to run their test. They report that other than SpamAssassin Result: ham (non-spam) (04.9points, 10.0 required), this showed up under DKIM:
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------

Result: neutral (message not signed)
ID(s) verified: [email protected]
Selector=
domain=
DomainKeys DNS Record=

Any ideas what I should check? The DNS records look right, but every test says DKIM isn't signed. I thought by turning on all the DKIM setting, Plesk sets it up so mail will be signed.
 
Thanks for the vaildator link. The vaildator tells me that
default._domainkey.domain.tld and SPF record not available. But it exsist in the Mailserver Backend.
 
Hi Larsm,

as already answered at => #4 , you have to go to your Control Panel of your Domain provider Strato, where you can edit/add/modify your current DNS - settings. Afterwards ( pls. wait after your DNS - changes, because they may take up to 72 hours to sync worldwide ), pls. check the settings, as for example:


At the moment, thers is NO ( TXT! ) SPF - entry, which you could verify as well at: => http://dkimcore.org/tools/
 
Hello,

I have setup dkim at Plesk to sign my emails. But I get always errors.
At the header the message can not signed because it looking for default._domainkey.larsmueller.net

but i use mail._domainkey at the Plesk DNS Settings.

Code: 
 Tue, 21 Mar 2017 03:30:53 -0700 (PDT)
Return-Path: <[email protected]>
Received: from larsmueller.net (larsmueller.net. [81.169.168.7]) by
 mx.google.com with ESMTPS id b190si19245146wmd.47.2017.03.21.03.30.53 for
 <[email protected]> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256
 bits=128/128); Tue, 21 Mar 2017 03:30:53 -0700 (PDT)
Received-SPF: pass (google.com: domain of [email protected] designates
 81.169.168.7 as permitted sender) client-ip=81.169.168.7;
Authentication-Results: mx.google.com; dkim=temperror (no key for signature)
 [email protected]; spf=pass (google.com: domain of
 [email protected] designates 81.169.168.7 as permitted sender)
 [email protected]; dmarc=pass (p=NONE sp=NONE dis=NONE)
 header.from=larsmueller.net
Received: from [100.100.133.47] (ip-109-84-2-255.web.vodafone.de
 [109.84.2.255]) by larsmueller.net (Postfix) with ESMTPSA id 19D8A4411D8 for
 <[email protected]>; Tue, 21 Mar 2017 11:30:52 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=larsmueller.net;
 s=default; t=1490092252; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;
 l=0; h=From:To:Subject;
 b=jf7I3aPRK4gTSsEvylZFLT3HvimKCb8sbV0KMcUjSL9j4vLZSJehWIH1PmF9NYlBU
 5/oAReUKyyDQklZXOKX1pAz0Wk41XUmz56zb9CWKgaOEo9oHaUPidQt+yKj/UI2wX2
 0yOUKd3PG0ctmAIQk7tR8iR232CxfJwHiMdw+v3I=
From: =?UTF-8?B?TGFycyBNw7xsbGVy?= <[email protected]>

The keys are stored in /etc/opendkim/keys/larsmueller.net under mail.txt and mail.private

Any idea why Plesk ignore this?

Gesendet von meinem Nexus 5X mit Tapatalk


Gesendet von meinem Nexus 5X mit Tapatalk
 
Hi Larsm,

Plesk Onyx comes now with "DKIM" ( not anymore DomainKeys, as with Plesk 12.5 ). Pls. consider again to have a look at your CURRENT DNS - settings over the Plesk Control Panel AND see as well your current nameserver entries at STRATO, as I previous mentioned, that your current initial nameserver is not your rented server, it's the one from Strato for your domain "larsmueller.net".

Pls. see again: => https://www.dnswatch.info/dns/dnslookup?la=en&host=larsmueller.net&type=TXT&submit=Resolve to check your current nameserver entries!
Current output:
Code: 
Searching for sns.serverkompetenz.de. A record at K.ROOT-SERVERS.NET. [193.0.14.129] ...took 1 ms
Searching for sns.serverkompetenz.de. A record at f.nic.de. [81.91.164.5] ...took 2 ms
Searching for sns.serverkompetenz.de. A record at ns2.serverkompetenz.de. [81.169.148.37] ...took 3 ms
Searching for larsmueller.net. TXT record at sns.serverkompetenz.de. [81.169.148.38] ...took 3 ms


Further investigations:
Code: 
DKIM Record for default._domainkey.larsmueller.net


This is not a good DKIM key record. You should fix the errors shown in red.

DNS query failed for 'default._domainkey.larsmueller.net':NXDOMAIN

A public-key (p=) is required
Code: 
DKIM Record for mail._domainkey.larsmueller.net

v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcbyYbKJJe0oAXG4rW
EvmeLAoqKxU8z+Zb8ZjBpEBF7SuVg7mSAFtnMLp6dzYMj1ey3hQgeq5xnid9bdRcDK51bahKDR
Q/0Pr9lPCUylQYZzIfjkC4E3egZBf/hC1Us8gxUvUcJQhvnipLXC3SlxvM6ffsc7rbQxHLuqCo
1GTIywIDAQAB

This is a valid DKIM key record
 
I now an domain reseller from Strato and yesterday I set the first nameserver to ns1.larsmueller.net and the second to sns.serverkompetenz.de

Now i can set all entry's at plesk. Thats my settings at plesk.


8a9e8079d89b3718c6d10cee9cdf9969.jpg
eb5e2b458da1ea5f12aa62863c4a8dc5.jpg
85f0dd1776b7049b21331eb83587f894.jpg


Gesendet von meinem Nexus 5X mit Tapatalk
 
Hi Larsm,

did you manually deleted the entry for "default._domainkey.larsmueller.net", or did you forget to tick the box: "Use DKIM spam protection system to sign outgoing email messages" at "Home > Subscriptions > YOUR-DOMAIN.COM > Mail > (tab) Mail Settings" ?

Consider to untick the box... save the settings ... and return back, to tick this box again, so that Plesk is able to insert the needed DNS - entries. ;)


Pls. make as well sure, that the settings at => Home > Tools & Settings > Mail Server Settings
DKIM spam protection
Allow signing outgoing mail
Verify incoming mail
Click to expand...

... are set. :)
 
I have manually delete the default key. The Dkim Spam Protection are enabled.

Gesendet von meinem Nexus 5X mit Tapatalk
 
You must log in or register to reply here.

Similar threads

A
Issue DKIM and DMARC issue, emails not sending
Replies
4
Views
312
danami
danami
K
Resolved No DKIM key generated/shown when DNS component is not installed
2
Replies
25
Views
5K
Quotes
Quotes
C
Issue DKIM and SPF do not align with RFC5322. Then DMARC result is fail.
Replies
2
Views
651
cmartinez127
C
C
Resolved DKIM is valid but signature fails
Replies
6
Views
2K
cmartinez127
C
Alex Presland
Issue Emails forwarded by Plesk fail DKIM checks with certain attachments
2
Replies
21
Views
2K
Alex Presland
Alex Presland
Back
Top