ispconfig DKIM and sparkpost DKIM validator

Discussion in 'Installation/Configuration' started by kibmc, Nov 5, 2020.

  1. kibmc

    kibmc New Member

    Hi,
    Using Ispconfig3 3.1.15p3 with 2048 bit length DKIM. I have dkim dns TXT entry and dmarcanalyzerk says it is valid.
    if I testing my dkim with dkim sparkpost tools
    It says: Signature could not be verified
    But
    if I try my DKIM settings with mxtoolbox
    it says all ok.
    can you help me please ?

    thank you:
    kib
     
  2. kibmc

    kibmc New Member

    I mean
    ping\@tools\.mxtoolbox\.com
    check says it's valid

    the sparkpost tool is:
    tools\.sparkpost\.com\/dkim
     
    Last edited: Nov 5, 2020
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    If the results differ, check if they show you what they got as output. Maybe they have a cached entry of a old record?
     
  4. kibmc

    kibmc New Member

    maybe...
    but this is a few days old problem,

    I hope someone try "sparkpost" with her/his own ispconfig and dkim configuration
     
  5. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Just tested it, I have the same error. So probably a error with their service as the DKIM verification works fine everywhere else.
     
  6. kibmc

    kibmc New Member

    Super, thank you very much!
    However I'm a little bit sad because I tried the sparkhost with one of my cpanel server, which test results was good.

    And if I try my DKIM settings with dkimvalidator\.com

    it says:
    ====================================================
    SpamAssassin Score: 0.203
    Message is NOT marked as spam
    Points breakdown:
    0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was
    blocked. See
    http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
    for more information.
    [URIs: mydomain.com]
    0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
    0.0 HTML_MESSAGE BODY: HTML included in message
    0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
    valid
    0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid
    ==============================================

    the last two 0.1 point is weird to me. May be releated with the sparkpost error?
     
  7. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Is your domain hosted on both of those servers? If so, try using seperate DKIM selectors, e.g. default and new
     
  8. kibmc

    kibmc New Member

    no, just tested another domain which is on a cpanel server
    if you test your domain (which is run under ispconfig3) with dkimvalidator\.com. You also got the last two 0.1 points?
     
  9. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    No, no issues there:
    Code:
    -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
    -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from
                               author's domain
     0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                               valid
     
  10. kibmc

    kibmc New Member

    weird, I've got

    0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid

    I've messed up something :'(
    but don't know what
     
  11. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Do you manage the DNS zone for this domain in ISPConfig or with an external provider?
     
  12. kibmc

    kibmc New Member

    external provider
     
  13. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Did you copy the DKIM record from the interface to your provider?
     
  14. kibmc

    kibmc New Member

    yes exactly, from the dns record field. After that, I ran the mxtoolbox (ping\@tools\.mxtoolbox\.com) test which says everything is ok. My client called my attention to sparkpost. But you have this phenomenon too. it's reassuring :)
    And then I saw these +0.1 points on dkimvalidator\.com . which is weird but maybe not so important ...
     
    Last edited: Nov 5, 2020
  15. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Try mail-tester.com and share those results please.
     
  16. kibmc

    kibmc New Member

    10/10
    -0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
    This rule is automatically applied if your email contains a DKIM signature but other positive rules will also be added if your DKIM signature is valid. See immediately below.
    0.1 DKIM_VALID Message has at least one valid DKIM or DK signature

    0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain

    0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain
    -0.001 HTML_MESSAGE HTML included in message

    0.001 SPF_PASS SPF: sender matches SPF record

    seems to be good :)
     
  17. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Then I wouldn't worry about it.
     
  18. kibmc

    kibmc New Member

    Th0m likes this.

Share This Page