DKIM signature invalid

DKIM Signature Invalid on mail-tester.com – CyberPanel [SOLUTION]

General fix: [SOLUTION]
No matter whether your domain is hosted on Cloudflare, GoDaddy, etc. this will work on all.
Quick fix (change TTL of default._domainkey to 600 seconds or less.)
default._domainkey is a DKIM TXT record value.

I’m using

• DigitalOcean Droplet
• CyberPanel
• Rainloop Mailbox (comes with CyberPanel)
• Domain hosted in GoDaddy

CyberPanel shows:
default._domainkey.domain.com – Copy the value and later we’ll modify it.

"v=DKIM1; h=sha256; k=rsa; "	  "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0pYyIwZbshTfop3LMiHFU7Hql9/qRHb2w/0eT2tPdoVZ8KaRNsbqmbNwt+emo+hSYj36m25r0s1MmWRwnOEWVSZOfhD0qUuKDyALNXT4wCa2uQKmkDP7Y5CLo9AEdCyctliYpjcII2cLqGZJ0+TEcJUdOObLAdzsqGxjKwcb43jcuMgx6jVAFQecCXlHZeD9y6yGQ8pFtFHt2"	  "c4zD1/0sBJPb1COvOosEmZ7CBa5bKHRe+tPgrdyP6WYgfmVnN0k0RfFxnVdFpgO+QhyR+GzhvCtjiP6qJtIwlG0rXSUBzqE/6BL0oDYKVXDYxBzrekkTcgOEuCIb6SxU672orkCQIDAQAB"

So, you need to remove the 6 quotation marks ” “ manually depending on your domain host.
e.g and the final result must be like the below.

v=DKIM1; h=sha256; k=rsa; 	  p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0pYyIwZbshTfop3LMiHFU7Hql9/qRHb2w/0eT2tPdoVZ8KaRNsbqmbNwt+emo+hSYj36m25r0s1MmWRwnOEWVSZOfhD0qUuKDyALNXT4wCa2uQKmkDP7Y5CLo9AEdCyctliYpjcII2cLqGZJ0+TEcJUdOObLAdzsqGxjKwcb43jcuMgx6jVAFQecCXlHZeD9y6yGQ8pFtFHt2	  c4zD1/0sBJPb1COvOosEmZ7CBa5bKHRe+tPgrdyP6WYgfmVnN0k0RfFxnVdFpgO+QhyR+GzhvCtjiP6qJtIwlG0rXSUBzqE/6BL0oDYKVXDYxBzrekkTcgOEuCIb6SxU672orkCQIDAQAB

remove quotation before v=DKIM1
remove quotation after k=rsa;
remove quotation before p=
remove the last quotation.
Don’t remove any quotation inside p=

and then add that record in txt default._domainkey
by default TTL will be 1 Hour. ALERT!
change TTL of default._domainkey to 600 seconds.

and then test again mail with mail-tester_com and am sure this time the error fixed. If the error is fixed then again change the TTL of default._domainkey to 1 Hour.

Start Testing – Pick an email from email-tester.com

goto to the website mail-tester.com and pick the email.

Send an email to the mail you pick from email-tester.com

Start Test

The response is: DomainKeys Identified Mail (DKIM) is a method for associating a domain name to an email message, thereby allowing a person, role, or organization to claim some responsibility for the message.

Now change the TTL value

Set TTL of default._domainkey to 600 seconds. Later I’ll set again it to 1 Hour.

After changing the TTL value, go to mail-tester.com and reload the page. this time a new mail was generated. Copy the mail and again send an email through your server.

Finally

Now again change the TTL value to default or 1 Hour (36000 seconds).

Further How to Create a reverse DNS record?

Reverse Domain Name Service (DNS) records are essential for those running a mail server because many recipient servers reject, or mark as spam, all email that originates from an unauthenticated server. As am using DigitalOcean so, I can share the specific details.

The Reverse DNS has been configured automatically from our end based on the droplet’s hostname.

PTR records
You have no PTR records.
DigitalOcean will automatically create a PTR record for a server when you rename the host Droplet to the fully qualified domain name of a domain you are managing on your account.

To check Mail Health visit https://mxtoolbox.com/domain/

This mxtoolbox.com the tool will help you with Reverse DNS (PTR Records).

I hope this article is helpful.

Related Articles

• Send an Email in Laravel using Mailtrap
• How to fix block was affected by errors and may not function properly
• 20 API-related terms every web developer should be aware of 😱
• Use Try Catch with DB::transaction in Laravel Guide
• Privacy Policy