How to enable DKIM in cPanel server.

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message while it is in transit and one can use this to prevent from getting blacklisted by the free email providers like Yahoo, MSN and Google. DKIM can increase the mail authenticity.

cPanel does not have an interface to enable DKIM like we have for SPF and Domain Keys. cPanel is still working on it for getting it implemented. However we can enable it manually by following the below steps.

Check if exim is compiled with DKIM support enabled.

1 root@server # /usr/sbin/exim -dd 2>&1 | grep Experimental_DKIM
1 Support for: crypteq iconv() IPv6 PAM Perl OpenSSL Content_Scanning Old_Demime Experimental_SPF Experimental_SRS
2 Experimental_DomainKeys Experimental_DKIM
Generate the SSL keys
1 cd /usr/local/cpanel/etc/exim
1 openssl genrsa -out dkim.key 1024
1 openssl rsa -in dkim.key -out dkim.public -pubout -outform PEM

You will find two keys, dkim.key & dkim.public

Open dkim.public and copy the contents excluding the –Begin– and –End– section. This is your DKIM key.  Now open exim configuration file and append the below entries under the section ‘remote_smtp’

Sample file: vi /etc/exim.conf

——————————-

1 remote_smtp:
2 driver = smtp
3 #
4 dkim_domain=your_domain_name.com
5 dkim_selector=mail
6 dkim_private_key=/usr/local/cpanel/etc/exim/dkim.key #path to the dkim.key key.
7 interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
8 helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}
9 {$primary_hostname}}

————————–

Now on WHM, open DNS editor for the particular domain and add the TXT entry with DKIM key like below.

————————–

1 mail._domainkey.domain_name.com. IN TXT "v=DKIM1; g=*; k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDv4PSEM9P
2 cxlI2tRojAUQ9hpRQ0Zj/XM4SK08/Drhm/CaspJAKZF9rZDAw18TrfuXeRgsMWAdS2vJ4Oa/kXqX0NM2eBJcmasu4GeNXANmXvC1umz+8mC6r
3 EPlE/Ucau4tmAHOZL0HJ9IDd/PIxoTkeTm3mjGeqvKBLbdvVIDXbcQIDAQAB"

————————–

Here p=the_key_you_have_copied_from_dkim.public

Restart exim and named services.

1 /scripts/restartsrv exim
1 /scripts/restartsrv named

To check whether DKIM is setup properly, send a mail to dkimtest@atmail.org , if setup properly, you will get a reply like below ,else a failure message.

—————————————————-

Subject:    AutoReply from dkimtest@atmail.org

From:    spftest@your_domain_name.com

Date:    Sun, May 23, 2010 1:27 am

To:    spftest@your_domain_name.com

*** DKIM TEST SUCCESSFUL ***

Advertisements

Share your thoughts with us!!!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s