Join Log in
Score:0
Nick avatar Server

DKIM on GoDaddy shared hosting

ee flag
Nick

I'd like to setup a DKIM record on GoDaddy shared hosting with cPanel (I don't want to move the DNS server). Normally cPanel makes creating DKIM records trivial, but in cPanel on GoDaddy shared plan Email > Authentication is not available. Can I instead use public and private keys created using Email > Encryption, would these keys work for DKIM? This poster seems to think so.

After creating the keys I tried to set up the DKIM record in the GoDaddy DNS control panel using:

Type: TXT
Name: default._domainkey
Data: v=DKIM1;p=mQENB....

Should the selector part in the name be something other than 'default' and if so how do I determine what it is, or should the Name simply be '@'?

For the Data field, should it be v=DKIM1 or v=DKIM? Should the private key hash be converted to base64? Either way when I add the key the string makes the record too long for the GoDaddy Data field which returns an error.

How can I split the record, if I try encapsulating the record in double quotes and then splitting the key with 2x double quotes with a space in between it gives the same error?

This post suggests that some have been successful (but maybe only on VPS and Dedicated hosting).

UPDATE: The DKIM record has been added in the DNS and it checks out ok on mxtoolbox.com, and the host says that it will work fine without the private key. Further related reading.

134
1 + 3
Nikita Kipriyanov avatar
za flag
Nikita Kipriyanov
DKIM could not possibly work without private key. Period. It is actually used each time your server signs a message. You can perfectly sign and not have a public key in the DNS, although this signature would be impossible to verify — this is what the link is about. Also, if you set up a DMARC policy which requires signing (which you should do), not verifiable mail will be rejected or at least considered spam by receiving parties.
0
Reply
Nick avatar
ee flag
Nick
Thank you Nikita for your clarification. I didn't believe it possible, but that's what support from a GoDaddy owned company were telling me.
0
Reply
Nikita Kipriyanov avatar
za flag
Nikita Kipriyanov
Either you didn't understand them or they were mistaken. The link talks about public key in DNS and not about a private key, so it doesn't contradict what I say.
0
Reply
Score:1
Nikita Kipriyanov avatar Server
za flag
Nikita Kipriyanov

The selector should match whatever you configured in the mail server that uses the corresponding private key to DKIM-sign outgoing mail.

For instance, if you configure some server to sign with the selector "abracadabra", it will create a DKIM signature with the s=abracadabra in the header, so whoever wants to check the signature will know they need to lookup the public key in the DNS record abracadabra._domainkey.example.com.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.