DKIM - Webmin/Virtualmin - DNS issues


I have been struggling with getting DKIM working correctly for a few days now and it is driving me absolutely crazy. Yahoo isn’t a fan of accepting our emails without DKIM and so i’m desperate to get this resolved as soon as possible.

So, I used webmin to configure DKIM and within the /etc/mail/dkim-milter/keys/ directory is the private key as I had hoped. Webmin then gives me the following:

**DNS records for additional domains **

tcbg._domainkey IN TXT ( "v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5+LPQNh/kY/b1IaXtV"
	"RsD8RlsOmmJ+ME9QlPbqp+r0W6PZC6h63DJOiAfHOEno3yFUUreFMY4FTp2hKPJRuZshX625QIDAQAB" )

As you can see, the public seems to be split with quotation marks and spaces - I can’t seem to find anything about how I might include this in the Digital Ocean DNS correctly. I’ve tried to remove spaces & quotation marks and have input the following into the DNS settings:




When I dig this from terminal on my computer, it seems to return the correct answer section… But when testing the DKIM by emailing: I receive the following:

SPF check details:
Result:         permerror 
ID(s) verified:
DNS record(s): SPF (no records) 1722 IN TXT "v=spf1 ~all" SPF (NXDOMAIN)

DomainKeys check details:
Result:         neutral (message not signed)
ID(s) verified:
DNS record(s):

DKIM check details:
Result:         permerror (key "" doesn't exist)
ID(s) verified: 
Canonicalized Headers:

Canonicalized Body:

DNS record(s): TXT (NXDOMAIN)

NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions.  If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.

If anyone is able to offer advice, it would be massively appreciated as I’m tearing my hair out with frustration.

Thanks in advance for your time,


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

in my situation. dkim has refused to implement. using webmin installed on Ubuntu and my domain provider is namecheap

Just in case anyone searching comes across this then can I suggest to test DKIM is working.

And secondly I doubt dkim was the problem. Yahoo blacklist IPs. If you contact then then Yahoo come back and suggest you do all sorts of stuff, DKIM etc., non of which makes any difference because the problem is they are blocking your IP. Check the fail message, if it says “[TS03] All messages from x.x.x.x will be permanently deferred; Retrying will NOT succeed.” where x.x.x.x is your IP then Yahoo are blocking your IP. Good luck with getting through to Yahoo about that though!

I would suggest raising it via a support ticket to get DO on the case too. Or if you want a quick result try moving (or spinning up a test VPS) to a different country as in my experience if Yahoo blocks one DO IP they block the whole range at a location, as far as I can tell.

Bizarrely, with absolutely no changes made… This appears to have started working.