The best way to setup Postfix/DKIM/SPF/DMARC on Ubuntu – Plesk onyx
2. How to setup DKIM/SPF/DMARC in Ubuntu with Plesk Onyx
Bear in mind: For those who use an external DNS controller, DKIM signing will work for outgoing messages, however, the receiving mail server will not be able to validate these emails. Better to switch off Plesk DNS server and In this case, email recived messages will be vaildate from the both directions.
Let’s create custom Glu NS record first, if you’re on VPS or Dedicated server and if your hosting provider did not provide you Glu record.
- Go to the DNS settings from the web hosting account in the Plesk and then add glu record
Once Glu record has been setup then requests domain registrar to help you setup from their end.
Likewise, GoDaddy has already host name tab in the DNS management section and Same NS record and IPs, that’s all! you good to go.
Next step:
Enabling or disabling DKIM on the Plesk Onyx hosting Server
- Go to Tools and Settings > Mail Server Settings(scroll down to DKIM Spam protection in the mail group tab).
- check both: Allow signing outgoing mail and Verify incoming mail – once you checked verify incoming mail, DMARC option becomes available.
- Checked: DMARC option too.
Note: The DNS service must be activated on a domain.
Plesk Onyx will create SPF and DKIM record in the Domain’s DNS server settings automatically.
default._domainkey.<example.com>– contains the public part of the generated key._ domainkey.<example.com>– contains the DKIM policy.- _dmarc.<domain>. TXT v=DMARC1; p=none
Once all completed, make sure use any test tool to verify all working.
5. Generate Public and Private Key from the OpenSSL
DKIM requires a public and private key. The private key should be saved in a safe location on your server. The public key will be used in the DNS TXT record for DKIM.
Enter the following command to generate your private key:
openssl genrsa -out dkim.private 1024
Enter the following command to generate your public key:
openssl rsa -in dkim.private -out dkim.public -pubout -outform PEM
Move your private key to the dkim directory using the following command:
mv dkim.private /var/db/dkim/dkim.key.pem
dkim is the selector name in my example.
How to setup/install dkim in cPanel
Reference:
- https://help.ubuntu.com/community/Postfix/DKIMhttps://www.linuxtutorial.co.uk/domain-keys-dkim-installation-postfix/#more-6611
- http://www.elandsys.com/resources/mail/dkim/opendkim.html
- https://www.exratione.com/2014/07/setting-up-spf-and-dkim-for-an-ubuntu-1404-mail-server/
- https://docs.plesk.com/en-US/onyx/customer-guide/mail-settings/enabling-dkim-email-signing.74718/
- https://docs.plesk.com/en-US/onyx/administrator-guide/mail/antispam-tools/dkim-spf-and-dmarc-protection.59433/
- https://askubuntu.com/questions/134725/setup-dkim-domainkeys-for-ubuntu-postfix-and-mailmanhttp://kb.odin.com/en/119654
Speed test on your Server Ubuntu
speedtest-cli is in the repository now. For 16.04 Xenial or later use:
sudo apt install speedtest-cli speedtest-cli
OR
The Short version, use without root user:
curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
Cannot sent message via webmail: “User unknown in virtual alias table”
- Applies to: Ubuntu Plesk Onyx
Symptoms: User unknown in virtual alias table, 550, 511
Resolution: try this:
/usr/local/psa/bin/domain -u example.com -mail_service false or https://kb.odin.com/en/119654
Reason: my domain is not registered with Digitalberg dedicated server and My domain configured locally in the Apache therefore specific email address rejecting by local mail service. That’s why I deactivated this service for My domain as “workaround” for my scenario.
Leave a Reply
Want to join the discussion?Feel free to contribute!