DKIM: Setting up on Plesk
Emails sent from your Plesk server(s) are considered reliable when it is equipped with DKIM. We will tell you in this blog:
- how to enable DKIM on your Plesk server
- you can set this on the desired Plesk packages
- you can add the DKIM DNS records to the DNS zone via our Portal
- Set up DKIM policy
- Set up DMARC policy
What is DKIM?
To ensure that emails sent from your Plesk server(s) are considered trustworthy by a receiving mail server, you can use DKIM. With DKIM, every outgoing email is signed with a unique signature. The signature is of course not visible, it will be added to the mail headers. A receiving mail server can check this and then knows whether this email really comes from you or whether someone else is sending an email on your behalf (for example phishing emails). In this manual we explain how you can set up DKIM yourself via our Portal .
Supplies
Before you set up DKIM, we assume that you have the following matters in order and at hand:
- Data to log in to LinQhost Portal . If you do not use LinQhost nameservers you must log in to the party that manages them for you.
- You know for which domain you want to use DKIM. This is the domain name of your sender address part of your email address. In our example we use “example.nl” as the domain name.
- The SPF record for the domain name is set up correctly; this is a hard requirement and DKIM will not work correctly if the SPF configuration is not correct.
- Some technical knowledge; incorrect settings can cause email to be rejected; if in doubt, it is best to contact your IT administrator
- Once you have these requirements, we can set up and manage DKIM.
Setting up and managing DKIM via the Plesk panel
Enable DKIM signing on the server
Before you can set up the desired domain within Plesk DKIM, you need to enable the DKIM signing functionality on the Plesk server. Go to the Plesk panel (https://d-example.host-ed.eu:8443, replace “d-example.host-ed.eu” with your server name) in your internet browser, log in with your details, and then go to “Tools & Settings” under “Server Management”. On this screen, select “Mail server settings” under the heading “Mail”.
Scroll down on this page until you reach “DKIM spam protection”. Check the box for “Allow signing outgoing mail”.
Then scroll to the bottom of the page and click “Apply” to save this setting.
Enable DKIM on the hosting package and the relevant domain name
You can then choose “Subscriptions” under “Hosting Services” (if you are a shared hosting customer, it is the “Websites & Domains” option!), and choose the desired hosting package here. In this example, we choose “example.nl”.
Next, go to the “Mail” tab, then to the “Mail Settings” subtab, and select the appropriate domain name.
On this page, scroll down until you see the option “Use DKIM spam protection system to sign outgoing email messages”. Check this option, and click “Apply”.
Once DKIM is enabled, Plesk will create the standard “default” selector name, with associated keys. You can use this if you do not need your own selector name. However, with the next two optional steps you can also set your own selector name. You do this by clicking on “Generate new signing keys” and entering this in the “Selector name” menu. For illustration purposes, we use “example” here. Then click on “Generate” to create associated keys for this selector name.
Next, under “Active DKIM Selector” you can select your new selector name, and click “Apply” to set it up for use.
Now you need to request the DKIM keys, and copy them into the DNS zone of the domain. Click on “How to configure external DNS”, to see the two DNS records for DKIM. This uses the selector selected under “Active DKIM Selector”, if you have not specified a DKIM selector name yourself, this is “default”.
If the domain name is in the DNS at LinQhost, you can perform the steps below. If this is not the case, you must make these adjustments at the party where the domain is in the DNS.
Setting up DKIM records within LinQhost Portal
Go to the LinQhost Portal, and log in with your credentials. Then go to “DNS” under “Services”. For the domain in question, under “Action”, choose “View DNS records” (the icon of an eye). In this example, we choose “example.nl”.
In this overview, click on “Create DNS record” and enter the necessary data in the “Create DNS record” menu, as indicated in Plesk (see the last step under “Enable DKIM on the hosting package and the relevant domain name”).
For name we fill in “default._domainkey” in this example, which results in a DNS record on “default._domainkey.example.nl”, as indicated in Plesk. For type choose “TXT”. The TTL value can be left at 3 hours by default, or adjusted as desired. For “Content” you fill in the rest of the value as indicated in Plesk, including the quotation marks before “v=DKIM1;”, and after the last letters and semicolon (generally “AB;”). When everything is filled in, choose “Create DNS record”.
Set up DKIM policy
Select “Create DNS Record” again in the overview, and now fill in the data for the second TXT record as indicated in Plesk. Enter “_domainkey” for name. Select “TXT” again for type. You can leave the TTL value at 3 hours by default, or adjust it as desired. Enter the remaining value as indicated in Plesk, including the quotation marks, in “Content”. Once everything has been filled in, select “Create DNS record”.
Set up DMARC policy
With a DMARC policy you indicate what a receiving party should do when it receives an email that does not pass the SPF/DKIM check. For this you need to create a “_dmarc” TXT record with the following content “v=DMARC1; p=none;“. For more extensive possibilities you can use this (English) online generator.
Testing
DKIM should now be fully active, to be sure you can test this via https://www.mail-tester.com/.
Related Articles
My sent email is rejected
Unfortunately, it can happen that emails do not reach the recipient. There are several possible causes, and here you will find the most common problems and solutions! If you are still experiencing problems after reading this manual, you can, for ...DKIM: Setting up HPW
Emails sent from your HPW server(s) are considered reliable when it is equipped with DKIM. We explain the how and why in this blog: How to enable DKIM on your HPW server via our Portal How to add the DKIM DNS records to the DNS zone via our Portal ...Setting up Email in Thunderbird
Setting up your email in Mozilla Thunderbird is easy and only takes a few minutes. In this article I will explain step by step how to configure your email address in this popular email client. Setting up email in Mozilla Thunderbird Open Thunderbird ...Phasing out Email Forwarding to External Addresses
Email forwarding, or the automatic forwarding of emails, is going to change. Increasingly stricter checks by spam filters make forwarding to external email addresses outside your domain less reliable. As a result, we have decided to stop this ...Email Address Verification Required for Domain Names
As of September 1, 2014, it is mandatory to verify the email address of the owner of a domain name. This is a new rule from ICANN , the organization responsible for domain name management. It is therefore important that the specified email address is ...