Back to Community Threads
1
smartermail and DKIM set up.
Question asked by Diego Discacciati - 11/25/2024 at 6:37 AM
Unanswered
I feel stupid because Smartermail made it easy to generate the keys.
Here's my problem... it must be something stupid that I am overlooking.

U generate the keys for my domains, I use DNSMadeeasy to manage DNS... so I add the keys there. I thought all was ok, keys seem active in smartermail... but if I check the DKIM records using MXtoolbox or any other testing site... it says that my DKIM do not exist... 

Now... there is a panel in administration/general... there is the possibility to specify a DNS IP... I tried to leave it blank, I tried to specify the IP address of my DNS provider (it was not accepting NS13.DNSMADEEASY.COM so I had to translate it into an IP address)... but still no luck.

Now... the keys are specified in the DNS management... ... and seems active in smartermail but for a reason that I do not get... they do not seem to be visible.
Any suggestion?

4 Replies

Reply to Thread
1
Kyle Kerst Replied
11/25/2024 at 7:26 AM
Employee Post
Hi Diego! Don't fret, it is easy to miss things in the world of DNS :-P The biggest thing jumping out at me is that your server may have already cached the DNS lookup result from your previous tests and may not be hitting the new record. What I do when setting up DKIM keys is set their TTL (Time To Live) value to 1 minute so that any cached DNS results flush out quickly. When you're sure everything is working you can increase those TTL times as well. If that fails though I recommend using mxtoolbox.com or similar tools to verify the DKIM key has been added correctly, and if all else fails engaging the DNS host's support team should help get you going in the right direction. I hope that helps!
Kyle Kerst IT Coordinator SmarterTools Inc. www.smartertools.com
0
How big is your DKIM record?? I couldnt get anything above 2048 to work...
0
Diego Discacciati Replied
11/25/2024 at 8:25 AM
Key size is the recommended 2048 - 
This is the point... SmarterMail reads the text record there is the option "wait for DNS verification upon enabling it... so if they are enabled... it means that the smartermail reads that record.
Due to the fact that the text record infos are generated by smartermail... is it possible that the info generated are not a correct format? Or... again it must be something very stupid. Right now I am disabling and recreating the records... with my provider as per the info generated by smartermail.

OK, I deleted the txt records from my DNS provider and now smartermail is not enabling the authentication anymore... it sounds like a bad thing but at least now Smartermail is not validating/enabling the keys. I took a picture of one of the keys enabled... just to remind that I am not crazy and they were suppoised to work before.

I also reduced the TTL to 60 sec.
0
Diego Discacciati Replied
11/25/2024 at 10:17 AM
I contacted dnsmadeeasy and they did test the TXT record that works ok for any of mydomain.com... but not for mail.mydomain.com used by smartermail... and those keys are generated by smartermail, so...
The key in smartermail is generated for mydomain.com but smartermail is using mail.mydomain.com as a host (mydomain.com is an alias if I look into the administration panel...)
I had to add a mail selector and duplicate the dkim TXT record ading the selector.
So it seems ok now.

Still there is something off...
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Setting up Email Signing (DKIM) for a DomainSmarterMail > Domain/User Configuration and Management
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Messages from Trusted Senders are going to my Junk folderSmarterMail > Troubleshooting
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
SmarterMail and Network Address Translation (NAT)SmarterMail > Troubleshooting