How to enable DKIM in cPanel server.
DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit and one can use this to prevent from getting blacklisted by the free email providers like Yahoo, MSN and Google. DKIM can increase the mail authenticity.
cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.
Check if exim is compiled with DKIM support enabled.
root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIMSupport for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS Experimental_DomainKeys Experimental_DKIM
cd /usr/local/cpanel/etc/exim
openssl genrsa -out dkim.key 1024openssl rsa -in dkim.key -out dkim.public -pubout -outform PEM
You will find two keys, dkim.key & dkim.public
Open dkim.public and copy the contents excluding the –Begin– and –End– section. This is your DKIM key. Now open exim configuration file and append the below entries under the section ‘remote_smtp’
Sample file: vi /etc/exim.conf
——————————-
remote_smtp: driver = smtp # dkim_domain=your_domain_name.com dkim_selector=mail dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key #path to the dkim.key key. interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}} helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}} {$primary_hostname}}————————–
Now on WHM, open DNS editor for the particular domain and add the TXT entry with DKIM key like below.
————————–
mail._domainkey.domain_name.com. IN TXT "v=DKIM1; g=*; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv4PSEM9P cxlI2tRojAUQ9hpRQ0Zj/XM4SK08/Drhm/CaspJAKZF9rZDAw18TrfuXeRgsMWAdS2vJ4Oa/kXqX0NM2eBJcmasu4GeNXANmXvC1umz+8mC6r EPlE/Ucau4tmAHOZL0HJ9IDd/PIxoTkeTm3mjGeqvKBLbdvVIDXbcQIDAQAB"————————–
Restart exim and named services.
/scripts/restartsrv exim
/scripts/restartsrv named
To check whether DKIM is setup properly, send a mail to dkimtest@atmail.org , if setup properly, you will get a reply like below ,else a failure message.
—————————————————-
Subject: AutoReply from dkimtest@atmail.org
From: spftest@your_domain_name.com
Date: Sun, May 23, 2010 1:27 am
To: spftest@your_domain_name.com
*** DKIM TEST SUCCESSFUL ***
—————————————————–
27 Comments to “How to enable DKIM in cPanel server.”
Post comment
Follow us on Twitter!http://twitter.com/efheem
12MP administrator bash bashrc calculator camera cd/dvd cfs error change IP cPanel csf csf iptable csf vps DKIM dkim spam eject eject linux execution time exim fake orkut FTP ftp error hacking history IP iptable error Linux linux disc Notepad Tricks open source orkut phishing password private folder in windows pro-ftp pure-ftp recover password Red Hat reset administrator password samsung secret folder Teiid time of command time out error Windows windows tricks
WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.
Recent Posts
- Fix Toshiba battery issue for Linux
- How to enable DKIM in cPanel server.
- Exim: remove mails in queue from a particular sender.E
- OpenVZ network down SIOCADDRT: Network is unreachable
- How to configure NAT with iptables on a VPS.
- How to disable gzip output on lightspeed server accounts
- Find Linux OS is 32 or 64bit.
- songbird! iTunes for Ubuntu
- How to Hide Text in Notepad !!
- How to transfer a cPanel account to DirectAdmin.
- System User Account in Windows XP !!
- Configure Windows XP to Automatically Login!
- How to change Linux root password temporarily.
- How to install winrar for Linux
- social networking all together by Digsby.
Recent Comments
- ido on Fix Toshiba battery issue for Linux
- Pablo Barrales on Fix Toshiba battery issue for Linux
- FullMetal on Fix Toshiba battery issue for Linux
- Rodger on Fix Toshiba battery issue for Linux
- John on Fix Toshiba battery issue for Linux
Thanks for the great writeup. I've been looking all over for how to get DKIM working on cpanel and your tutorial was perfect.
Will this setup survive cpanel/whm updates or does some of it need to be redone each time?
I guess I spoke too soon. I'm not seeing the DKIM header added to outgoing messages. I already had domainkeys set up and that header is present. I suspect the differences in my exim.conf from the domainkeys configuration is causing it not to work but I haven't been able to nail down why yet.
This should survive even after a WHM update I believe, since configurations are not re-written while updating.
I was able to figure out the DKIM keys on mail header. Can you send a test mail to gmail and verify the header? Hope you have entered the configuration properly.
Thx man, this is great tutorial, DKIM works perfect on my server
I can see DKIM keys on mail headers
I used the following because i have multiple domains which send using their unique IP's:
dkim_domain=$sender_address_domain
dkim_selector=mail
dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key
I had to disable domain keys on each cPanel account and manually enter the dkim dns settings in WHM:
mail._domainkey 14400 IN TXT "v=DKIM1; g=*; k=rsa; p=(whaterver your dkim.public contents were with no brackets);"
It seems to be working!
I can't believe the tools at cPanel are saying "Well we may just end up giving you one or the other" for the last what couple of years?? and we could already easily enable one of the two ourselves with this little tweak?
Thanks
@DKIM'r Thanks for your note
I will modify the post and put your note to enable DKIM for multiple domains.
I believe there are some licensing issues with DKIM that is keeping cPanel away from enabling this by default. Glad they cPanel exim is compiled to support DKIM by default
.
[...] for DKIM ("DomainKeys Identified Mail") Well do you guys think this should work How to enable DKIM in cPanel server. | techinterplay __________________ Vinayak Sharma Vinsar.Net – Quality WebHosting Services at Economical Price [...]
I have done all steps (to single and after to multiple domains) and mails are not signed, what can i do? i dont see any error on /var/log/exim_mainlog :/
@Miguel, I have replied your mail.
hi
I set up everything but when I send email in exim log file I get
2010-12-27 22:19:32 1PXI8R-0002PJ-74 DKIM: signing failed (RC -101)
and no dkim attach to my email where is the poroblems
@kamal not sure, would need to check into the configurations, just email it to techinterplay at gmail.com
The best DKIM online tutorial. One question…
Inside exim.conf: "dkim_domain=your_domain_name.com"
That's for 1 domain only.
What would put in if I also want to add dkim for: your_domain_name_2.com
Can you please kindly provide the copy-paste solution.
Thank you so much.
how to add dkim for multiple website using the above steps..
I did follow step by step as the tut, but can't get it working. The DKIM header never show up? Do I have to wait for the DNS to up propagated world wide or something?
Thanx for this great tip.
From what I understand, this will install DKIM on a single domain.
How do I configure the server if it's a shared hosting server (i.e. there are about 200 domains on the server) for each domain to have DKIM support?
Followed the instructions above on cpanel… I removed domain keys from all sites, then followed the above instructions. I used the dkim_domain=$sender_address_domain for multiple domains, restarted exim and named and nothing is being signed.
I then went in and change dkim_domain=mysite.com…. restarted both again… sent an email and nothing…
Everything went smooth, however, nothing is getting signed… tested by sending email to gmail as well and it auto goes to the spam folder with no sig…
Please help… really need to get this implemented for all domains, but would be happy if just one works for now…
Anyone have any ideas!?
Scratch that… now it seems to be sending the signature.. perhaps dns had to update, but is showing :
result = fail
Details: body has been altered
when using the http://www.brandonchecketts.com/emailtest.php test… what does that mean?
Just spoke to cpanel and the changes made in exim.conf will be overwritten if there is an upgrade. You cannot edit in whm exim advanced editor because it does not support changing the remote_smtp transport… cpanel gave me this response :
1. Create a file named /scripts/posteximup
2. Give it permissions of 0700
3. Place code inside that file that will change the remote_smtp transport
to the one you wish to use. This can be shell scripting, or perl, or any other
language you'd like.
The "posteximup" hook is documented here:
Service script hooks
cPanel & WHM Script Hooks
Basically it just says this:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Runs after Exim updates
(post /scripts/eximup)
~~~~~~~~~~~~~~~~~~~~~~~~~~
If anyone would like to tacke that please do so… it is over my head and laguages I am not familiar with… it would be nice to include this if it will just be wiped on an exim upgrade…
Setting up an attribute for exim.conf will do the job
make it immutable and it will remain unmodified for ever.
chattr +i /etc/exim.conf
Steve, can you mail me your exim.conf and TXT DNS record to techinterplay [at] gmail.com ? I would like to have a look.
Steve, http://www.brandonchecketts.com/emailtest.php will display you a randomly generated email address to which you can send from for which DKIM is enabled and by clicking on "View Results: button will give you the test results
Did you get it working?
Hey guys… first I want to thank everyone for the really awesome tutorial.
I'm having some trouble with the 2rd step. When I open the EXIM advanced configuration file via WHM I cannot save the information in the file. I get an error stating driver SMTP not found.
This is the information i'm trying to copy. Thoughts?
`remote_smtp:
driver = smtp
#
dkim_domain=your_domain_name.com
dkim_selector=mail
dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key #path to the dkim.key key.
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}
{$primary_hostname}}
`
^^^ please ignore the comment above. I was able to get around the smtp issue. I was saving the configuration changes in the wrong place.
However i'm now getting the error:
Error message from syntax check:
2011-04-26 22:29:18 Exim configuration error in line 1144 of /etc/exim.conf.buildtest.work.lQ9WiSdEkvkwLLEA:
option setting expected: {$primary_hostname}}
Any thoughts? this is what I plugged in. I'm trying to enable this to work with multiple domains.
remote_smtp:
driver = smtp
#
dkim_domain=$sender_address_domain
dkim_selector=mail
dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key #path to the dkim.key key.
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}
{$primary_hostname}}
Mike, can I have the line numbers for the pasted lines? Also dkim_domain=example.com
where example.com is the domain name for which DKIM has to be enabled.
Faheem,
is this solution only for a single site? I havee a dedicated machine with 8 sites on it. If I can only use one site this is no good.
Also, please look at my second example not the first. I need an answer to the error I was getting in the second.
I try to add this at all. I done every thing very well but the test fails what to do? I have server with cPanel Centos OS
Thank YOu
The strangest thing.. And I’m pretty sure that the solution is fairly simple..
I’m trying to install DKIM for one of my domain hosted on a dedicated server with cPanel WHM..
I’m following this tutorial (http://techinterplay.com/enabled-dkim-cpanel-server.html) but the DKIM test is unsuccessful..
Since I host the email for this domain name at Google Apps, I make the DKIM test from a simple php code by using the php mail() function
What’s causing the failure of the DKIM? Thanks for your help!!