Question
How can i Install and configure DKIM on CentOS?
- Posted on March 6, 2015
- DNSEmailGetting StartedControl PanelsCentOS
Asked by mangurumuiruri
Hello guys,
Am trying to install and configure SPF and DKIM but my emails still go to spam. Find below headers from gmail and yahoo response.
I am running on CentOS 6.5 64bit, Zpanel, Roundcube for my emails
Kindly help on how i would solve this error “dkim=neutral (bad version) header.i=@”
I used this tutorial to configure my dkim http://www.prosinger.net/index.php/opendkim-postfix/
I have replaced my domain name with xxxxxxxxxxx.com and my IP address with 000.00.000.000 for the purpose of asking this question.
I have also set my DNS records as follows:
TXT @ "v=spf1 mx -all"
and
TXT mail._domainkey "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC13SVMhSMOFNrAco7J0W6o1FvOVzfkYqRWVB2OrE6voPR68Q+DMPoVs3IPhs971cbGAvZRduQ2cspbblnf2mlhtpCphe8s0ox4CeZPVR0sR2lmXxrWnZmflALmpsHuIvNVQ3dJT/EI3Vy59t9VOxZ0zByMGgRD5SEVb++++++xhBLwIDAQAB"
//-----GMAIL HEADER RESPONSE------//
Delivered-To: mangurumuiruri@gmail.com
Received: by 10.27.183.8 with SMTP id h8csp1216913wlf;
Fri, 6 Mar 2015 04:56:48 -0800 (PST)
X-Received: by 10.180.149.205 with SMTP id uc13mr33502783wib.0.1425646607956;
Fri, 06 Mar 2015 04:56:47 -0800 (PST)
Return-Path: <support@xxxxxxxxxxx.com>
Received: from server.xxxxxxxxxxx.com (server.xxxxxxxxxxx.com. [000.00.000.000])
by mx.google.com with ESMTP id hx8si14204707wjb.100.2015.03.06.04.56.47
for <mangurumuiruri@gmail.com>;
Fri, 06 Mar 2015 04:56:47 -0800 (PST)
Received-SPF: pass (google.com: domain of support@xxxxxxxxxxx.com designates 000.00.000.000 as permitted sender) client-ip=000.00.000.000;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of support@xxxxxxxxxxx.com designates 000.00.000.000 as permitted sender) smtp.mail=support@xxxxxxxxxxx.com;
dkim=neutral (bad version) header.i=@
Received: from server.xxxxxxxxxxx.com (localhost [127.0.0.1])
by server.xxxxxxxxxxx.com (Postfix) with ESMTPA id 065F940E9C
for <mangurumuiruri@gmail.com>; Fri, 6 Mar 2015 07:56:47 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=xxxxxxxxxxx.com;
s=default; t=1425646607;
bh=aPk57tH8wVq+/UKJBMegfzUAzrBGFnon/irnHq85+ok=;
h=Date:From:To:Subject;
b=SSORHnoN+W/sywGbVvjeHG+CSyEXBgmmJjS/vKtS/Qch3WCxupO2DluVylfdt4gHC
TYvDa7kh/UBk+UB10M73btm7XGHsmSDsDeKsFdku3Q2qWEHWR/N7Sz7CFbT7+2uWX5
WhHA+bFsW5AKnqntFbl6BcwLB07VFaKQSebnnSTY=
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_4acede452a4b7b2f16a986ec3b62713e"
Date: Fri, 06 Mar 2015 07:56:46 -0500
//-----YAHOO HEADER RESPONSE------//
From support@xxxxxxxxxxx.com Fri Mar 6 13:20:46 2015
X-Apparently-To: stanleywachira64@yahoo.com; Fri, 06 Mar 2015 13:20:47 +0000
Return-Path: <support@xxxxxxxxxxx.com>
Received-SPF: pass (domain of xxxxxxxxxxx.com designates 000.00.000.000 as permitted sender)
aHRtbAMDMQ--
X-YMailISG: 6TxQJ4UWLDu3bzjVUyqDY8BtidmycXvzNH44zhoqsHWclFdZ
E89BxWk9mUq9VgJns_dZunSJrEvNtCsVZHw3xa2R4KjlJvWZiN69VD.ZCcWI
gg4j1mAIkBbtGqSYjMllzw8bk3uuB8Z.dS8F7H8YYYSE6Z7_INxWpud.d4KV
XEyUEdBicyv2AiRLA621F._GEnMFoOH_pOiIQo9iJZWGnvgzjmFf.gz9MEg3
8YXiYUVK_pIzyYnQsoiPmAoWf.5gBVJeSEyxTfj3nlyYAOnlNzq3ujZOzcvs
_6MKyDOMhvJfJPH34IVL_fCWGEvr4L7fmL5iKn.S2i4AxjaTcs76Q9OfV_H5
byOdNdKGLgCeMwJ1sPNhzlKHkQevzdMOiodJMmJks3DnjUrmJrd0mpTSMO5P
J9GyVRHNTus1Er6k1TvNJuCWWgupSBqoVm0kiqoG.T5lefFHCX6dr4gNfQcT
KAAjsLYT2PD5jQQtpD3kpgj5JDux3yCmE7Ms9ybqgHNsrUzub.2RPJ9bo6ec
pB4MzER59LAyPigB6aMg6zOTZiD1Pf2amiqa.vxaHPuAqRmkDxURsYj2vywq
tAYfjNYHifMdaqmHcanXDW1Dt5mfNMZVwsHqLW0ugr_MM3lnA9aB8S5wZbSN
aYfqvUwci4iL_eXTL00aSMDtIZHfCwhKvl5EB8Z61t_5JDRWgIOZMZqheeiT
Ptl5IiqrBetA_qB_eFQsGyc2tREgHj_iGjitbpWhfMqTsaGBrAlaL_pjV2.6
o0zYNituSJ95P7grPCQTkdpqoYjYSUUGoy5fyvzbLsGX5t7Dq32vwzfSOxva
DPKdOPKs.HE5BzPdIdly0P1weQ91cHr8kZ4Vh7dJgwqaxDvBT1jOCwcplEhI
.wC5upK9H7gLPHtgJiIhR.qFZmyfWHd16_V91WRCvWv5DllDegGIRpXH4q3e
Sx.AZHwNQYTN6vC2Zj6Wfim8rCrHx8RgACfoBO9z05U2n6gslpqKqzY_wkH2
UGK8bbMNtIVHnQ_pnKELvgio4ZmIM75hHFKUKwkpA64jN9MKOhGlWk919zWe
m9B6_D.O0GKaRcyHc10yttiMxpIUQ4rOOtaCuJa2nB7Y3FHBLOWt8M0bMGnm
TcjxJAolSd30lAbPTLVPDOyIaGga4iykzq7javFE6MCda0odG8jWcr8I8wAk
isAENiQz3s_.Ug2YTiSQd4Np8nMWkOPLfSC5eIdjv6zjMpMdIncEOqYj84U1
4Zhh8TzPmUaCUc3LjuHwJYRGiKZyC8Sgz72yL6F1yuPtT6NB7naP2OcxWABp
CF7qb5nFwP3669lTvMlOQN5.hJv2o8gg61_RlsrSIWsUjANiWzPxynft5BVa
OxpPVD85UzxSxRPu7cKLcNQFcidIOMY4
X-Originating-IP: [000.00.000.000]
Authentication-Results: mta1011.mail.bf1.yahoo.com from=xxxxxxxxxxx.com; domainkeys=neutral (no sig); from=xxxxxxxxxxx.com; dkim=fail (unknown key version)
Received: from 127.0.0.1 (EHLO server.xxxxxxxxxxx.com) (000.00.000.000)
by mta1011.mail.bf1.yahoo.com with SMTP; Fri, 06 Mar 2015 13:20:46 +0000
Received: from server.xxxxxxxxxxx.com (localhost [127.0.0.1])
by server.xxxxxxxxxxx.com (Postfix) with ESMTPA id 73B8E4091D
for <stanleywachira64@yahoo.com>; Fri, 6 Mar 2015 08:20:46 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=xxxxxxxxxxx.com;
s=default; t=1425648046;
bh=pJ8Zn92/H8dQkufKDdWy3D7H+zEP2rL0cFkFDMQPdo4=;
h=Date:From:To:Subject;
b=fVHSF5eWKrYgTFISgzKCx8HFN/+Px64WEMT6Fu2q/MNI6aiiZVdUi3TFwTVi8OENw
cAQUH1E9vkgsrrZHv5Mk4EGKYePjOqvVesq5mD9JJy0nMmr+g0GKCeyz+PwbfR6Md0
StQILw1hFRxw8exb8ihf+Is/HlUNtMq6WHD01INc=
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="=_e954350ae21adc68b88f7e212d73801d"
Date: Fri, 06 Mar 2015 08:20:46 -0500
Submit an answer
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Hello there,
A DKIM record is another measure that can prevent spoofing and improve mail reliability. You can use any online tool to generate the key for you.
In order to have a proper DKIM record, you’ll need to have one public and one private DKIM key. Usually, how it goes is, you have the private DKIM on your Droplet and the public DKIM record added to your DNS.
When you send an e-mail to a another domain, the server the domain is on, checks both the public and the private DKIMs to see if they match.
Basically, in order for your DKIM to work, you’ll need to have the private part on your Droplet. Having said that, Plesk does come as far as I’m aware with a tool that does this.
Also if you use any control panel for your server, like cPanel it will have the built-in functionality to create the DKIM record on your behalf.
Once created you can use a DKIM checker tool like the one provided from mxtoolbox and check whether the generated key is valid.
https://mxtoolbox.com/dkim.aspx
Another DKIM tester you can use is
https://www.mail-tester.com/spf-dkim-check
Hope that this helps!
Hello there!
The information here all looks correct and that indicates that the DNS may not be setup correctly. As a result, when the mail server checks to verify your DKIM it fails. Have you tried running your domain through a DKIM tester such as https://www.mail-tester.com/spf-dkim-check?
It can help to verify that your DNS is returning the records correctly and in the proper format. Feel free to post what problems pop up, if any, when you try that!