DKIM signature invalid
DKIM Signature Invalid on mail-tester.com – CyberPanel [SOLUTION]
General fix: [SOLUTION]
No matter whether your domain is hosted on Cloudflare, GoDaddy, etc. this will work on all.
Quick fix (change TTL of default._domainkey to 600 seconds or less.)default._domainkey
is a DKIM TXT record value.
I’m using
- DigitalOcean Droplet
- CyberPanel
- Rainloop Mailbox (comes with CyberPanel)
- Domain hosted in GoDaddy
DKIM signature invalid
DomainKeys Identified Mail (DKIM) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message.
CyberPanel shows:
default._domainkey.domain.com – Copy the value and later we’ll modify it.
"v=DKIM1; h=sha256; k=rsa; " "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0pYyIwZbshTfop3LMiHFU7Hql9/qRHb2w/0eT2tPdoVZ8KaRNsbqmbNwt+emo+hSYj36m25r0s1MmWRwnOEWVSZOfhD0qUuKDyALNXT4wCa2uQKmkDP7Y5CLo9AEdCyctliYpjcII2cLqGZJ0+TEcJUdOObLAdzsqGxjKwcb43jcuMgx6jVAFQecCXlHZeD9y6yGQ8pFtFHt2" "c4zD1/0sBJPb1COvOosEmZ7CBa5bKHRe+tPgrdyP6WYgfmVnN0k0RfFxnVdFpgO+QhyR+GzhvCtjiP6qJtIwlG0rXSUBzqE/6BL0oDYKVXDYxBzrekkTcgOEuCIb6SxU672orkCQIDAQAB"
So, you need to remove the 6 quotation marks ” “ manually depending on your domain host.
e.g and the final result must be like the below.
v=DKIM1; h=sha256; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0pYyIwZbshTfop3LMiHFU7Hql9/qRHb2w/0eT2tPdoVZ8KaRNsbqmbNwt+emo+hSYj36m25r0s1MmWRwnOEWVSZOfhD0qUuKDyALNXT4wCa2uQKmkDP7Y5CLo9AEdCyctliYpjcII2cLqGZJ0+TEcJUdOObLAdzsqGxjKwcb43jcuMgx6jVAFQecCXlHZeD9y6yGQ8pFtFHt2 c4zD1/0sBJPb1COvOosEmZ7CBa5bKHRe+tPgrdyP6WYgfmVnN0k0RfFxnVdFpgO+QhyR+GzhvCtjiP6qJtIwlG0rXSUBzqE/6BL0oDYKVXDYxBzrekkTcgOEuCIb6SxU672orkCQIDAQAB
remove quotation before v=DKIM1
remove quotation after k=rsa;
remove quotation before p=
remove the last quotation.
Don’t remove any quotation inside p=
and then add that record in txt default._domainkey
by default TTL will be 1 Hour. ALERT!
change TTL of default._domainkey to 600 seconds.
and then test again mail with mail-tester_com and am sure this time the error fixed. If the error is fixed then again change the TTL of default._domainkey to 1 Hour.
Start Testing – Pick an email from email-tester.com
goto to the website mail-tester.com and pick the email.
Send an email to the mail you pick from email-tester.com
Start Test
The response is: DomainKeys Identified Mail (DKIM) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message.
Now change the TTL value
Set TTL of default._domainkey to 600 seconds. Later I’ll set again it to 1 Hour.
After changing the TTL value, go to mail-tester.com and reload the page. this time a new mail was generated. Copy the mail and again send an email through your server.
Finally
Now again change the TTL value to default or 1 Hour (36000 seconds).
Further How to Create a reverse DNS record?
Reverse Domain Name Service (DNS) records are essential for those running a mail server because many recipient servers reject, or mark as spam, all email that originates from an unauthenticated server. As am using DigitalOcean so, I can share the specific details.
The Reverse DNS has been configured automatically from our end based on the droplet’s hostname.
PTR records
You have no PTR records.
DigitalOcean will automatically create a PTR record for a server when you rename the host Droplet to the fully qualified domain name of a domain you are managing on your account.
To check Mail Health visit https://mxtoolbox.com/domain/
This mxtoolbox.com
the tool will help you with Reverse DNS (PTR Records).
I hope this article is helpful.