• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Forwarded to devs DKIM signing records/instructions are outdated

P

pleskuser67553

Basic Pleskian
Username:

TITLE

DKIM signing records/instructions are outdated

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian Version 18.0.63 Update #3, AlmaLinux 9.2, AMD

PROBLEM DESCRIPTION

DNS records created by Plesk, and signing instructions for external DNS contain a record DomainKey Root Outbound Signing Policy o=- which was part of a draft, but did not make it to the standard.

_domainkey.example.com. IN TXT "o=-"

See also DKIM, SPF, and DMARC Protection and ARC Support

59433-DKIM-external-DNS.webp


STEPS TO REPRODUCE

  1. Navigate to Tools & Settings > Mail Server Settings
  2. Under DKIM spam protection check Allow signing outgoing mail if not already
  3. Navigate to any domain in Plesk
  4. Click on Mail > Mail Settings
  5. Check Use DKIM spam protection system to sign outgoing email messages if not already and click Apply
  6. Click How to configure external DNS to reveal the popup info
  7. Observe the instruction to include the draft policy record _domainkey.example.com. IN TXT "o=-"
  8. Navigate back to the domain
  9. Click on Hosting & DNS > DNS
  10. Click Enable if not already
  11. Observe the generated draft policy record _domainkey.example.com. TXT o=-

ACTUAL RESULT

As described above, the draft policy record is included

EXPECTED RESULT

As described above, the draft policy record should not be included. The docs should also be updated.

ANY ADDITIONAL INFORMATION

Please consider making it easier and more obvious to retrieve the domainkey for configuring external DNS. For example, not behind a popup link, and instead retrievable with a single click on the visible record or button which copies the TXT value to clipboard. Also, perhaps a button to copy a BIND formatted version to clipboard including quoted string breaks at each 255 character count for really long keys.

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
@pleskuser67553 thank you for your report. We appreciate that you brought our attention to the issue. We investigated it and we were able to confirm that the DKIM signing policy entry is indeed obsolete. The behavior is confirmed as a bug with ID PPP-66197. A fix for the issue will be introduced in Plesk 18.0.64, which is scheduled for release in the middle of the month. You may observe our Change log here.
 
You must log in or register to reply here.

Similar threads

H
Resolved DKIM Signature missing external DNS
Replies
1
Views
130
hapepe
H
K
Resolved No DKIM key generated/shown when DNS component is not installed
2
Replies
25
Views
6K
Quotes
Quotes
P
Question Outgoing DKIM signing when mail is turned off
Replies
5
Views
880
Peter Debik
P
F
Question DKIM DNS Record Not Displaying in Plesk Email Settings
Replies
9
Views
711
flippintwit
F
H
Issue DKIM TXT records missing.
Replies
1
Views
939
Hezola
H
Back
Top