DKIM default._domainkey

exxhal

• May 19, 2018 05:54

Hello, having some (questions)problems to setup dkim. In my WHM panel i go to dns zone for a domain and i see for DKIM : default._domainkey . TXT 14400 "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9U530KHapZR0vKV5Y7zChtK6inKzhEzqlTNHBi6+z4uycL5mVYf+wCu1hHMTZTs1dqtCtDA2bVA4laWXfY6j442jkgq5rctveTmOULNInatZ5CFNqADG7L5dLDJsGjZ07F9mSJAATCVdG3uwGoa6SUuT+wSt72LZt5BMnZoi1dSAz93jgE5Bq/DRSOClQ1rr" zjNPeeOip6MJ9km8idpZ9raUss6lW96fcikL5o40Z58XMPHMqq37DoSw+S+EP1nwBwrbbefRYi3mSU5uUujgfIVTkfxHcU5Qj1goongTepvkojG0eYeZG4OouejPdAcnX/7dpOagMBr29KkaCowIDAQAB\; Do i use default._domainkey. at my domainname DNShoster or is default just some random input and must i do some other stuff to make DKIM work? thans!

• 

  exxhal

  • May 19, 2018 14:20

  Ok an update. DNS config. looks good. But now i get the message : bad RSA signature DKIM Information: DKIM Signature Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=carking.be; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date: Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; b=OUOY3mS5VriCceAiy2qWtZWhwQ w03cRs8Z+jBkoQogVGQQVRunE3Ls+C3nmZGyPN8lc9c8yHGifdUogSMoBWx5g7ds1ENtLrEoCc2Rj rHFDkrru/lAHqSIP0THHDsiR+AMyyErLMW1yVDfaDvJ67aHe4JA/0LZrpDfEcfXkdMG78uUASt14E POIMPjWps7ugFsWmH43eB5JMU0Fcw3wfPyNSWLju4Utm5jzvtSZlik6/IEtm2bQQD/sss+SRpiKy1 KUU6GohMH5marz3jLovAfo8iV9kWnNoZOy9agU6Qvz2DssAaq9ANyg4bjIGRQ4OUVrA5axAV4p5Zo u8s5IPLQ==; Signature Information: v= Version: 1 a= Algorithm: rsa-sha256 c= Method: relaxed/relaxed d= Domain: example.com s= Selector: default q= Protocol: dns/txt bh= g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs= h= Signed Headers: Content-Transfer-Encoding:Content-Type:MIME-Version:Date: Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive b= Data: OUOY3mS5VriCceAiy2qWtZWhwQ w03cRs8Z+jBkoQogVGQQVRunE3Ls+C3nmZGyPN8lc9c8yHGifdUogSMoBWx5g7ds1ENtLrEoCc2Rj rHFDkrru/lAHqSIP0THHDsiR+AMyyErLMW1yVDfaDvJ67aHe4JA/0LZrpDfEcfXkdMG78uUASt14E POIMPjWps7ugFsWmH43eB5JMU0Fcw3wfPyNSWLju4Utm5jzvtSZlik6/IEtm2bQQD/sss+SRpiKy1 KUU6GohMH5marz3jLovAfo8iV9kWnNoZOy9agU6Qvz2DssAaq9ANyg4bjIGRQ4OUVrA5axAV4p5Zo u8s5IPLQ== Public Key DNS Lookup Building DNS Query for default._domainkey.example.com Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99U/5iXvrMyV3/ZsuUaems3pihBxWSOybRzdLPh1NOJcA3PY8nYWOdgGdDQCJgi1tKemgfyKKe+fzCczht92urTXG4SF00DCpxRX3ZUIJdWv6cvPcXXxs2lyjoSCE3c7Cg3K6ysu6E4P4UJiTfYj//0CZZfMJeFAJHck9FHXvdbWIcn7zvk4YEkgUVMB4cARZnIHocRChC8Fpt0ZToeTpCeNC+TNOeFCNBstGxkYxz6mdw0JSFlj63MgqyLFnmchaXEC9/akd0uvBQPWymh3+a0qLtCzz0WaL+isniGYJwHz6gMgr/p0CjgmqCgxXrLPyUxrfG6Pp/cZG1bw+ZZzVwIDAQAB Validating Signature result = fail Details: bad RSA signature
  

  0
• 

  exxhal

  • May 20, 2018 09:29

  ok some good and bad. the follow error is comming : R=dkim_lookuphost defer (-1): host lookup did not complete also when i check the dkim i got one mailadres that gives a valid dkim and i use the same input ? But still not resolving the host when i sent mails toonother server(email). there i get an error ( DKIM Information: DKIM Signature Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=example.net ; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Date: Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=; b=N031YZzw5jqFCyLQvCDjDbDOeM zoeRzZjMsQFrYtmmdbDfbvi3i6yVCWtNmcPuSpJp1Rtk9bqnzkYhgWALdHJ0BsaI2wU35erJojG6P buxuzGWTrA0hTARW1+eEOwoLa6Ht/IDHemykS3WuNptWLrhoiW628r/9x4u3y4altADp3KrIlQNCa nPJbN/ZtzqIS/TYFYFa22GUxroV+3FO2AxEZhp0bOTWQhjEhwYEtRk8AbdvK2zZm2DMvqGon2+sec KwYgwGJzdIpkbjVaozSHxgMrMNgRQJ+bx3xK1BNrO+SK4CbCCroDX6b30gFocXrLVekj+zZzh5IAA HoBnZHQg==; Signature Information: v= Version: 1 a= Algorithm: rsa-sha256 c= Method: relaxed/relaxed d= Domain: example.net s= Selector: default q= Protocol: dns/txt bh= 47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU= h= Signed Headers: Content-Transfer-Encoding:Content-Type:MIME-Version:Date: Message-ID:Subject:From:To:Sender:Reply-To:Cc:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive b= Data: N031YZzw5jqFCyLQvCDjDbDOeM zoeRzZjMsQFrYtmmdbDfbvi3i6yVCWtNmcPuSpJp1Rtk9bqnzkYhgWALdHJ0BsaI2wU35erJojG6P buxuzGWTrA0hTARW1+eEOwoLa6Ht/IDHemykS3WuNptWLrhoiW628r/9x4u3y4altADp3KrIlQNCa nPJbN/ZtzqIS/TYFYFa22GUxroV+3FO2AxEZhp0bOTWQhjEhwYEtRk8AbdvK2zZm2DMvqGon2+sec KwYgwGJzdIpkbjVaozSHxgMrMNgRQJ+bx3xK1BNrO+SK4CbCCroDX6b30gFocXrLVekj+zZzh5IAA HoBnZHQg== Public Key DNS Lookup Building DNS Query for default._domainkey.example.net Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99U/5iXvrMyV3/ZsuUaems3pihBxWSOybRzdLPh1NOJcA3PY8nYWOdgGdDQCJgi1tKemgfyKKe+fzCczht92urTXG4SF00DCpxRX3ZUIJdWv6cvPcXXxs2lyjoSCE3c7Cg3K6ysu6E4P4UJiTfYj//0CZZfMJeFAJHck9FHXvdbWIcn7zvk4YEkgUVMB4cARZnIHocRChC8Fpt0ZToeTpCeNC+TNOeFCNBstGxkYxz6mdw0JSFlj63MgqyLFnmchaXEC9/akd0uvBQPWymh3+a0qLtCzz0WaL+isniGYJwHz6gMgr/p0CjgmqCgxXrLPyUxrfG6Pp/cZG1bw+ZZzVwIDAQAB Validating Signature result = pass Details:
  

  0
• 

  exxhal

  • May 20, 2018 09:35

  Just a question, how many times can you use a DKIM passw, now i use it on 2 domains is that correct ? one domain is valid (example.net) the other (example.com) gives me a bad RSA signature. When i check onDKIM i get : Valid Record This is a valid 2048 bit DKIM key record but on dkimvalidator.com gives me a bad RSA for example.com In WHM i use the same DKIM in the DNS zone.

  0
• 

  cPanelLauren

  • May 21, 2018 15:35

  Hello @exxhal Is this the dkim record being generated through cPanel? I do get an error when looking up the DKIM record itself at dkimcore Are you using the same DKIM record for two domains? Each domain should have its own, and they're each able to be automatically generated by cPanel so pending your cPanel server's nameservers are authoritative for the domain you shouldn't need to make any DNS modifications to enable this. Thanks!

  0

Please sign in to leave a comment.