DKIM and google

Discussion in 'General' started by noenoe, Dec 28, 2024.

Tags:
  1. noenoe

    noenoe New Member

    Hi,
    My domain email sent to emails hosted on gmail, are often marked as SPAM.
    I suspect the issue is with DKIM setup.
    I've DKIM configured on ispconfig. During tests I've change key length to 2048, but this did not changed anything.
    MY DKIM setup is successfully validated on https://protodave.com/tools/dkim-key-checker/,
    but https://toolbox.googleapps.com/apps/checkmx/check?domain=lew.net.pl&dkim_selector=
    is showing DKIM is not set up. (also DMARC is not set up.).

    I've even changed key selector from default to google, but it does not resolve the issue.
    DNS is managed by ispconfig.
    What am I missing here?
    BR,
    Kris

    === UPDATE ===
    I've found that rspamd is unable to open key file for signing:
    dkim_module_load_key_format: cannot load dkim key /var/lib/amavis/dkim/DOMAIN.private: cannot stat key file: '/var/lib/amavis/dkim/DOMAIN.private' Permission denied

    As per other threats I had to add _rspamd to amavis group. (I think this part is missing on https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/#install-and-configure-rspamd).

    So now my emails are DKIM signed, but still going to SPAM folder on gmail... as per gmail help I need to wait for my domain reputaion to be restored.. I'll monitor.
     
    Last edited: Dec 29, 2024
  2. remkoh

    remkoh Active Member HowtoForge Supporter

    I always use mail-tester.com to test dkim, spf and dmarc settings after having set-up a new maildomain.
    Always scoring 10/10 and not having any problems sending to gmail.

    I see you don't have set-up a dmarc record in your dns besides dkim and spf?
    Dmarc is mandetory when sending to gmail (and others, like ms office 365) I believe (but can be policy none).

    Also I see you included _spf.google.com in your spf record.
    Why? Are you using gmail servers to send mail from your domain to the world?
    If not, delete it! Gmail servers are notorious spammers and with that setting you give the spammers the ability to abuse your domain too by sending mail from your domain through gmail servers to the world.
     
    ahrasis likes this.
  3. Bartiff

    Bartiff New Member

    Hi,
    I'm also 10/10 on Mail Tester, but most of my emails end up as spam with Google...
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Google has its own filters, you can't do much about that. Keep your mail system clean by ensuring that you do not send any spam emails. It will improve over time when Google learns that your emails are not spam. You can also use google postmaster tools to investigate the issue further:

    https://gmail.com/postmaster/
     
    ahrasis and Bartiff like this.
  5. remkoh

    remkoh Active Member HowtoForge Supporter

    selector is empty in the url
    That's why you get a reply that dkim is not set-up.
    You still haven't got a dmarc record in your dns.
    Without it you will never solve your gmail troubles.
     
    ahrasis likes this.

Share This Page