DomainKeys exception

oscarenzo

• June 17, 2014 06:17

Hello, I have a doubt, is possible create a exception in at hosting account for one external domain?, i mean that if is possible that check DKIM for all the external domains but when arrive from this source just skip. I have in the main server enable the option for DKIM check and in the hosting account also. Thank you.

• 

  cPanelMichael

  • June 17, 2014 15:01

  Hello :) In "WHM Home " Service Configuration " Exim Configuration Manager", under the "Access Lists" tab, you can try adding the domain name to: "Only-verify-recipient" Thank you.

  0
• 

  oscarenzo

  • June 17, 2014 15:41

  Hello Michael, Thank you by your reply, i added the IP address of the forward server in "Trusted SMTP IP addresses" and "Sender verification bypass IP addresses" is not the same that "Only-verify-recipient"?

  0
• 

  cPanelMichael

  • June 19, 2014 04:31

  You can click on the "?" icon next to see option to see a description: Sender verification bypass IP addresses IP addresses for which to bypass SMTP-time sender verification checks Only-verify-recipient Hosts or IP addresses that should be exempt from all spam checks at SMTP time, except recipient verification. Hosts or IP addresses you enter here are stored in /etc/trustedmailhosts. Trusted SMTP IP addresses IP addresses exempt from all SMTP sender, recipient, spam, and relaying checks. IP addresses you enter here are stored in /etc/skipsmtpcheckhosts. These senders must still use an RFC-compliant HELO name if the Require RFC-compliant HELO setting is enabled. Thank you.

  0
• 

  oscarenzo

  • June 19, 2014 20:18

  [quote="cPanelMichael, post: 1668012">You can click on the "?" icon next to see option to see a description: Sender verification bypass IP addresses IP addresses for which to bypass SMTP-time sender verification checks Only-verify-recipient Hosts or IP addresses that should be exempt from all spam checks at SMTP time, except recipient verification. Hosts or IP addresses you enter here are stored in /etc/trustedmailhosts. Trusted SMTP IP addresses IP addresses exempt from all SMTP sender, recipient, spam, and relaying checks. IP addresses you enter here are stored in /etc/skipsmtpcheckhosts. These senders must still use an RFC-compliant HELO name if the Require RFC-compliant HELO setting is enabled. Thank you.
  Hi i read it, by this my doubt because not have clear, i'm running scrollout with cpanel as main server, but the emails resended by scrollout had bounced by dkim in the domain, by this my ask, somebody are working with both platforms also? thank you by advance.

  0
• 

  cPanelMichael

  • June 19, 2014 20:22

  Could you elaborate on how you have configured that spam appliance, and how it works? Thank you.

  0
• 

  oscarenzo

  • June 19, 2014 20:41

  yes sure: have a main server with cpanel/whm main.server.tld by other side i have a vps with scrollout scrollout.domain.tld then a hosting account myprotecteddomain.tld, when the mx 0 is pointing to scrollout.domain.tld, and have configured a quarantine inbox locate in the main.server.tld with domain quarantinedomain.tld. In the main.server.tld i have enable this options: Allow DKIM verification for incoming messages Reject DKIM failures when scrollout.domain.tld resend emails to the quarantine inbox, the main.server.tld bounce as dkim, this message show dkim log: Jun 19 22:09:21 scrollout postfix/smtp[10877]: 3gvZ4074WQz11HR: to=collector@quarantinedomain.tld, relay=quarantinedomain.tld[xx.xx.xx.xx]:25, delay=0.22, delays=0/0/0.15/0.06, dsn=5.0.0, status=bounced (host quarantinedomain.tld[xx.xx.xx.xx] said: 550-DKIM: encountered the following problem validating myprotecteddomain.tld: 550 pubkey_unavailable (in reply to end of DATA command)) by this from scroll out advice to me add exeption for all email check from scrollout server, i added the IP and hostname on: Sender verification bypass IP addresses [?] Only-verify-recipient [?] Trusted SMTP IP addresses [?] And still blocking the emails, from whm when i disable the option: Reject DKIM failures [?] work as well, then if i disable this option when the cpanel account enable it, will not block the emails with dkim configuration faill right?

  0
• 

  cPanelMichael

  • June 20, 2014 14:14

  [quote="oscarenzo, post: 1669082">Reject DKIM failures [?] work as well, then if i disable this option when the cpanel account enable it, will not block the emails with dkim configuration faill right?
  The option in cPanel is for enabling DKIM on your outgoing email. The option in your Exim Configuration Manager is to verify DKIM records on incoming email. I suggest disabling the option in WHM if it's rejecting the legitimate email, as otherwise you would have to develop a custom ACL to exclude certain domain names from the DKIM check if the existing whitelist options are not helpful. Thank you.

  0

Please sign in to leave a comment.