Set up DKIM and DMARC correctly

peps03

Verified User
Joined
Oct 24, 2013
Messages
100
Location
Amsterdam
I've read through the documentation available on this issue but just haven't managed to set it all up properly.
(Like: https://help.directadmin.com/item.php?id=569)

SPF is validated correctly.

Part of the problem, I think, is: the website sends email from: header.from=aaabbb.nl, but smtp.mailfrom=aaa@bbb.ccc.nl (VPS domain name). So I generated a DKIM for the domain aaabbb.nl but this isn't detected / implemented correctly, I think. For example, what should the VPS DKIM "Selector" be?

Original message content:
spf=pass (google.com: domain of aaa@bbb.ccc.nl designates 111.111.111.111 as permitted sender) smtp.mailfrom=aaa@bbb.ccc.nl;
dmarc=fail (p=QUARANTINE sp=NONE dis=NONE) header.from=aaabbb.nl

Some help would be highly appreciated! :)
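
Why the result quoted above fails DMARC even though SPF passes, as an added example that is not part of the original post: DMARC needs a passing SPF or DKIM identifier whose domain aligns with header.from. The `dkim=pass` clause in the second sample is constructed, and treating the last two labels as the organizational domain is a simplifying assumption (real evaluators use the Public Suffix List).

```python
import re

# Constructed sample: the Authentication-Results values quoted in the post above.
POSTED = (
    "spf=pass (google.com: domain of aaa@bbb.ccc.nl designates 111.111.111.111 "
    "as permitted sender) smtp.mailfrom=aaa@bbb.ccc.nl; "
    "dmarc=fail (p=QUARANTINE sp=NONE dis=NONE) header.from=aaabbb.nl"
)
# Constructed sample: the same message once a signature for the From domain verifies.
SIGNED = "dkim=pass header.i=@aaabbb.nl header.s=x; " + POSTED

def org_domain(domain):
    """Assumption: the last two labels are the organizational domain.
    A real evaluator looks this up in the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain, strict=False):
    """Strict alignment needs an exact match; relaxed compares organizational domains."""
    a, f = auth_domain.lower(), from_domain.lower()
    return a == f if strict else org_domain(a) == org_domain(f)

def parse(header):
    """Split the header into (method, result, {property: value}) per clause."""
    out = []
    for clause in header.split(";"):
        clause = re.sub(r"\([^)]*\)", " ", clause)  # drop (comments)
        m = re.match(r"\s*(\w+)=(\w+)", clause)
        if m:
            props = dict(re.findall(r"(\w+\.\w+)=(\S+)", clause))
            out.append((m.group(1).lower(), m.group(2).lower(), props))
    return out

def dmarc_view(header, strict=False):
    """Report which passing identifiers align with the header.from domain."""
    results = parse(header)
    from_dom = next(p["header.from"] for _, _, p in results if "header.from" in p)
    report = {"from": from_dom, "spf_aligned": False, "dkim_aligned": False}
    for method, result, p in results:
        ident = {"spf": p.get("smtp.mailfrom"),
                 "dkim": p.get("header.d") or p.get("header.i")}.get(method)
        if ident and result == "pass":
            dom = ident.rsplit("@", 1)[-1]  # domain part of the identifier
            report[method + "_aligned"] |= aligned(dom, from_dom, strict)
    report["dmarc_pass"] = report["spf_aligned"] or report["dkim_aligned"]
    return report

if __name__ == "__main__":
    for name, hdr in (("posted", POSTED), ("signed", SIGNED)):
        print(name, dmarc_view(hdr))
```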
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,252
Location
GMT +7.00
Hello,

DirectAdmin configures the DKIM selector with the name x; in DNS it looks like: x._domainkey

If any email leaves your server with a hostname in headers you need to have a valid DKIM for the hostname in DNS too.

As for websites, if you use PHP mail() then it's possible to see the hostname in mailfrom or other headers.
 

peps03

"If any email leaves your server with a hostname in headers you need to have a valid DKIM for the hostname in DNS too."

I think that is what I need indeed. How do I generate the DKIM record for the server hostname? And where will it show up in DA?

And would this DKIM record be reusable for all domains on the server?
 

peps03

OK, thanks. Where will I find the DKIM record after generating it? The hostname doesn't have a local hosting account with DNS records.
 

peps03

I'm almost there. Could you explain a bit more on how to do this:
"create a DNS zone for hostname on the directadmin server"

Thanks!
 

peps03

Does anybody have an idea how I should do this? Of course I searched Google but can't find any instructions on this. Thanks!
Really need this fixed.
 

Tazmanian79

Verified User
Joined
Jul 24, 2010
Messages
89
Log in to DirectAdmin as admin
> admin tools > DNS Administration

Add zone
> server.domain.com
> your IP Address
> your NS servers

And add this zone.
 

peps03

Thanks for the replies.

Ah, that's what you mean. The hostname was already listed as a DNS zone. But when I click it, I get the message:

Error Reading db file
Details
Can't open file /var/named/vps23.xxxxxxxxx.nl.db for reading

When I click any other domain name I get the usual list of DNS entries.

So my concern is still, if I run:
cd /usr/local/directadmin/scripts
./dkim_create.sh vps23.xxxxxxxxx.nl

Where will i find the generated DKIM record?
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,580
You first need to fix the error when opening your hostname DNS.

What are the file permissions and owner/group for /var/named/vps23.xxxxxxxxx.nl.db? They should be:

owner/group: root root
permission: 644
 

peps03

There is no file named: vps23.xxxxxxxxx.nl.db present in the /var/named/ folder.. strange.

Maybe delete the hostname from the DNS zone overview and re-add it? Is that an option?
 

peps03

Deleted and created the record successfully. When trying to create the DKIM key I now get this message:

Unable to find /etc/virtual/vps23.xxxxxxxxxx.nl
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,672
Location
Maastricht
Remove the record because it wasn't created correctly now, since the dkim files will reside in the /etc/virtual/vps23.xxxxx.nl directory.

Then first create this /etc/virtual/vps23.xxxx.nl directory via ssh and chown it to mail so it looks something like this:
Code:
drwxr-xr-x   2 mail      mail   4.0K 2017-07-11 01:31 vps23.xxxxxxx.nl

After that, create the records again and see if there are still error notices.
 

Richard G

@Boxerke:
First make sure your hostname is configured in Directadmin itself and can be found in the /usr/local/directadmin/conf/directadmin.conf file.

If that is the case, you can just create a new directory like this via SSH as root:
Code:
cd /etc/virtual
mkdir server.yourdomain.com
chown mail:mail server.yourdomain.com -R
 