Results 1 to 25 of 26
-
12-24-2010, 08:33 PM #1Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
So I got DKIM Signatures working in cPanel...
2010-12-24 16:14:43 H=localhost.localdomain (webmail.nwtechgroup.com) [127.0.0.1] Warning: Sender rate 23.0 / 1h
2010-12-24 16:14:44 1PWHmV-0001L9-UI <= john@nwtechgroup.com H=localhost.localdomain (webmail.nwtechgroup.com) [127.0.0.1] P=esmtpa A=dovecot_login:john@nwtechgroup.com S=1206 id=b1eacef86e96334e4c505a8d303a6d5c.squirrel@webmail.nwtechgroup.com
2010-12-24 16:14:44 1PWHmV-0001L9-UI Message signed with DKIM: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=nwtechgroup.com; s=default; h=Message-ID: Date: Subject:From:To:
Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
bh=Ikg14KprzypYlejwPLa35vaNVzy198CRaqAFEDIficw=; b=NNpIAwZgPcYrL
oyV6cWD4UBZuFpjVg+rekMFxUJwx7e/5XfReZ2ah1OrghDJdUJ/ECyjuKrgFbz7v
OfKWy/JPZabVfTpKcFg6YBIcT/tHVwGxKkM82VYo21R+Yzb23LPRKuwGeLyA3DEs
VxTC0nZqUFCMlmH2xnqEYN5pyy6dFI=
2010-12-24 16:14:44 1PWHmV-0001L9-UI => ntgtest@www.brandonchecketts.com R=lookuphost T=remote_smtp H=www.brandonchecketts.com [207.210.219.125]
2010-12-24 16:14:44 1PWHmV-0001L9-UI Completed
Code:Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass DomainKeys check: neutral DKIM check: pass Sender-ID check: pass SpamAssassin check: ham ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: pass (matches From: john@nwtechgroup.com) ID(s) verified: header.d=nwtechgroup.com Canonicalized Headers: message-id:<3c9895b21ab83028e7ecb77bb86af47a.squirrel@webmail.nwtechgroup.com>'0D''0A' date:Fri,'20'24'20'Dec'20'2010'20'16:13:05'20'-0800'0D''0A' subject:'0D''0A' from:"N.W.'20'Technology'20'Group"'20'<john@nwtechgroup.com>'0D''0A' to:check-auth@verifier.port25.com'0D''0A' reply-to:john@nwtechgroup.com'0D''0A' mime-version:1.0'0D''0A' content-type:text/plain;charset=iso-8859-1'0D''0A' content-transfer-encoding:8bit'0D''0A' dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/relaxed;'20'd=nwtechgroup.com;'20's=default;'20'h=Message-ID:Date:Subject:From:To:'20'Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;'20'bh=Ikg14KprzypYlejwPLa35vaNVzy198CRaqAFEDIficw=;'20'b= Canonicalized Body: '0D''0A' '0D''0A' '0D''0A' '0D''0A' |'20'Northwest'20'Technology'20'Group'0D''0A' |'20'Fault'20'Tolerant,'20'Clustered'20'cPanel'AE''20'Web'20'Hosting'0D''0A' |'20'Professional'20'Web'20'Design,'20'Website'20'Overhauls'0D''0A' |'20'On-Location'20'I.T.'20'&'20'Network'20'Engineering'20'Solutions'0D''0A' '0D''0A' |'20'6950'20'Southwest'20'Hampton'20'Street'0D''0A' |'20'Tigard,'20'Oregon'20'97223'0D''0A' |'20''20'[Direct]'0D''0A' |'20'john@nwtechgroup.com'0D''0A'
I'm honestly not sure if this is old news, but after some tweaking, I have a workaround for DKIM Signatures in cPanel. I am running 11.28.52-RELEASE_50725.
Involves a bit of DNS tweaking and some tedious time spent in exim.conf, but I'm more than willing to write up a tutorial if you folks have a workaround in place already, but the jist is disabling DomainKeys in the cPanel and then tweaking exim.conf to use a custom generated dkim.key which you call out in the DNS zone:
Code:remote_smtp: driver = smtp dkim_selector = default dkim_canon = relaxed dkim_private_key = /usr/local/cpanel/etc/exim/dkim.key dkim_domain = nwtechgroup.com interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}} helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
Yeah, I know I left my domain and IP in here. I trust my firewalls.
So anyway if there's a large enough request for a tutorial, I'd be happy to write one up.
-John
Last edited by Johnny Cache; 12-24-2010 at 08:38 PM.
-
12-24-2010, 11:26 PM #2relax, im a professional
- Join Date
- Dec 2007
- Posts
- 1,278
Let me burst your bubble. cPanel user area (not whm) Email Authentication.
Tests everything and is accurate as long as the dns is hosted locally on the cPanel server.James Paul Woods
Operations Manager
HostKitty Internet Services
-
12-24-2010, 11:39 PM #3Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
From what I understand of it, SPF and DK are the only auth protocols that are implemented in cPanel. Been doing some readin' up on the cPanel support forums today.
According to http://forums.cpanel.net/f145/add-su...ail-77940.html - the estimated release with support for DKIM has yet to be completed.
Then, at http://forums.cpanel.net/f145/add-su...-77940-p9.html - you start reading peoples' frustration for the lack of this support.
I'm not saying there aren't any other workarounds, but unless your exim_mainlog comes up with a DKIM Signature (not to be confused with DK) like this below example, then you might not have configured support for DKIM.
Code:1PWKld-0002cM-4G <= user@domain.com H=localhost.localdomain (webmail.domain.com) [127.0.0.1] P=esmtpa A=dovecot_login:user@domain.tld S=1061 id=547f192b6840e82ce18953cc1493e0b2.squirrel@webmail.domain.tld 2010-12-24 19:26:15 1PWKld-0002cM-4G Message signed with DKIM: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=domain.com; s=default; h=Message-ID:Date:Subject:From:To: Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; bh=UH1i93V8Z8jKfR194SONrPEBPUxO62FbmGu32i/V7Qc=; b=Cm+rpoi1MJhw1 3o9TeFPEiYEP/GLITzDkT/94DPqareAJgMl3zzggZ6gOPalgqP1+MuyDpQxh6GHY jURwrkiaUM/KJ+m3/l7VbFN29neoMixztqj8veYr87gnjfpgPxeQ8k7EtrZfMiLj KJbpPUfGedTOE12+MF1U5BllaEggbM= 2010-12-24 19:26:17 1PWKld-0002cM-4G => nwtg.local@host.tld.net R=lookuphost T=remote_smtp H=XXXX.n3twork.net [XXX.XXX.XXX.XXX] X=TLSv1:DHE-RSA-AES256-SHA:256 2010-12-24 19:26:17 1PWKld-0002cM-4G Completed
Code:---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: neutral (message not signed) ID(s) verified:
Never hurts to look at your configs. At least my clients' emails aren't going into the Yahoo/Hotmail/Live.com "Junk" folders whatsoever anymore.
But heck, I learned a ton today regardless!Last edited by Johnny Cache; 12-24-2010 at 11:43 PM. Reason: Omitted client email address
-
12-24-2010, 11:44 PM #4Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
I probably should have noted that I operate clustered environments. Oops!
-
12-25-2010, 05:28 PM #5Web Hosting Master
- Join Date
- May 2010
- Posts
- 658
Yes it would help if you made a tut, i'm sick of my messages getting marked as spam sometimes :O
- Ashton█ Ashton Allen | FuseWeb Limited
█ Premium UK Webhosting
█ | Shared Hosting | VPS | Reseller Hosting | VOIP |
█ FuseWeb.co.uk Or follow us on Twitter
-
12-25-2010, 05:29 PM #6Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
-
12-26-2010, 02:37 AM #7relax, im a professional
- Join Date
- Dec 2007
- Posts
- 1,278
Wasn't one of these two things depreciated? Im going to have to assume the method your talking about was since I can't see cPanel including it only to have it be old.
What's the point of having your system work with "dkim" when domainkeys isn't setup and is very easy to setup?
If your mail is getting flagged as spam with domainkeys & spf you have other issues.James Paul Woods
Operations Manager
HostKitty Internet Services
-
03-11-2011, 05:14 AM #8Web Hosting Master
- Join Date
- Mar 2006
- Location
- Johannesburg,South Africa
- Posts
- 601
Hi,
Thanx for sharing your success in getting DKIM working on a cPanel server.
With your setup, do I need to add a remote_smtp entry for every domain on the server, or does this configuration work for a shared server?South African Web Hosting - http://www.SoftDux.co.za || SA WebHostingTalk - http://www.webhostingtalk.co.za
-
04-04-2011, 02:47 PM #9Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
A remote_smtp entry will be required on each individual account. I've not tested it globally, yet.
-
04-04-2011, 02:49 PM #10Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
This should work globally.
-
04-04-2011, 02:56 PM #11Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
DK and DKIM appear to be working on my cPanel nodes at this time.
http://www.brandonchecketts.com/emai...nchecketts.com
-
04-10-2011, 05:00 AM #12Newbie
- Join Date
- Jun 2007
- Posts
- 25
-
04-15-2011, 05:36 AM #13Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
-
04-15-2011, 05:56 AM #14Web Hosting Master
- Join Date
- Mar 2006
- Location
- Johannesburg,South Africa
- Posts
- 601
South African Web Hosting - http://www.SoftDux.co.za || SA WebHostingTalk - http://www.webhostingtalk.co.za
-
06-22-2011, 02:08 PM #15Junior Guru Wannabe
- Join Date
- Jan 2004
- Location
- India
- Posts
- 49
Can you please send it to me also?
Surebrowse
-
08-04-2011, 06:15 PM #16Newbie
- Join Date
- Mar 2011
- Posts
- 18
Me too, could you send the installation instructions on PM?
-
08-27-2011, 04:07 PM #17Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
DKIM Signature Support ETA 11.32
According to the cPanel folks, DKIM signature support will be released for QA in EDGE 11.32.x, but they will be pulling support for DK. (See http://forums.cpanel.net/f145/add-su...77940-p13.html)
It would be best to wait until this is deployed by the engineers before attempting to use my workaround.
From cPanelDavidG - Update: We will be implementing DKIM but dropping DomainKeys due largely to the input on this thread indicating the old DomainKeys standard is basically no longer being used. Just updating this thread in case anyone wants to take any preemptive maintenance on their servers just before 11.32 reaches production tiers. Currently, version 11.30 is in EDGE and will soon be propagating to all production tiers, paving the way for 11.31/11.32 to begin propagating through pre-production tiers.
-
03-20-2012, 08:32 PM #18New Member
- Join Date
- Mar 2012
- Posts
- 1
Hello,
I tried several times to install the dkim and didn't succeed.
Brandon Test Results
result = fail
Details: bad RSA signature
I used step by step this short tutorial techinterplay.com/enabled-dkim-cpanel-server.html
Don't know what i did wrong. Please help me
-
03-23-2012, 01:14 AM #19Mostly Retired!
- Join Date
- Nov 2002
- Location
- Portland, Oregon
- Posts
- 2,992
11.32
-
03-26-2013, 01:48 PM #20New Member
- Join Date
- Mar 2013
- Posts
- 3
So where do I find information on how to setup the dkim signature, ie where does that information go in the email app for the current run of cpanel?
-
03-26-2013, 02:02 PM #21Newbie
- Join Date
- Mar 2011
- Posts
- 18
<<< Please see Forum Guidelines for signature setup. >>>
-
03-26-2013, 02:51 PM #22New Member
- Join Date
- Mar 2013
- Posts
- 3
Step by step directions to setup dkim for cpanel
what I was really looking for were step by step directions on how to setup DKIM for CPANEL.
-
03-26-2013, 04:04 PM #23Newbie
- Join Date
- Mar 2011
- Posts
- 18
<<< Please see Forum Guidelines for signature setup. >>>
-
03-26-2013, 04:19 PM #24New Member
- Join Date
- Mar 2013
- Posts
- 3
then where in the updated cpanel console would one go to add the dkim signature to the mail, config, so the mail server has the private key?
-
03-26-2013, 04:46 PM #25Newbie
- Join Date
- Mar 2011
- Posts
- 18
<<< Please see Forum Guidelines for signature setup. >>>
Similar Threads
-
Need Help with DKIM
By galleline in forum VPS HostingReplies: 4Last Post: 11-21-2010, 02:23 AM -
DKIM w/ cPanel/Exim Linux Server
By apacheMan in forum Hosting Security and TechnologyReplies: 22Last Post: 10-18-2010, 03:39 PM -
install dkim in cpanel
By droidman in forum Hosting Security and TechnologyReplies: 1Last Post: 09-12-2010, 07:04 AM -
how to set DKIM and Domain Keys on centos 5.2 with cPanel ??
By koolnhot in forum Hosting Security and TechnologyReplies: 5Last Post: 07-01-2009, 07:44 AM -
Uniform email signatures across a group of people with Cpanel hosting?
By Azam_net in forum Hosting Software and Control PanelsReplies: 1Last Post: 06-09-2009, 02:53 PM