Hello everyone, we are using ISPconfig for DNS, web and mail but have been running into an issue persistently, which is not being able to enter DKIM records into the DNS manually, as it denies this and tries to guide one to the e-mail settings, which isn't helping. So, to elaborate: aside from the regular handling of one or so DKIM keys by the server itself, we have need to set DKIM DNS records as communicated to us by third parties. This concerns e-mails that are sent by external servers, e.g. for newsletters through sendgrid and others that are specifically not the ISPconfig server itself. Have we been using the wrong search terms to figure out a solution to this? Because, it seems no one else here has been asking that question, even though this need should not at all be unusual.
Hello Till, yes, it of course is. But when we use ISPconfig for setting a new DKIM record for an external server we get "DKIM ist nicht zulässig. Bitte den DKIM-Button nutzen" ("DKIM not permissible. Please use the DKIM button") as an error message. The DKIM button only does internal key management. It feels like someone implemented "mandatory training wheels".
You're doing something wrong. Not sure what. As @till said, it's nothing more then just a TXT record. Add a new TXT record in your DNS zone. Hostname: Code: <dkim selector>._domainkey Data: Code: v=DKIM1; k=rsa; p=<public key> (or whatever output you get from dkim for in your dns when you create a key) I've done so for countless maildomains not managed by ISPC.
Hello remkoh, I am aware of how DKIM works. (public/private key pair, public key goes onto DNS so servers on the other end can confirm that a mail signed with the private key is legit and all that.) It seems that under *some* circumstances ISPconfig gives the mentioned error message. We are wondering if that's always the case when a domain has been entered via the "Assistant" function. We haven't had the error happen yet when we imported the domain via zonefile import.
Yes, there is a limitation for users. We might removed that in 3.3.0; at least we've discussed that topic. You should update to the current version and test it. Or check the version history in issue tracker for changes.
Ah, that makes sense. Yes, 'd be in favor of removing the restriction as an error and instead giving something like a warning or hint so users can confirm if they really want to manually set a DKIM record here.# Thanks for confirming.
Good morning. Just a quick update, checked ISPconfig 3.3 yesterday (fresh install, latest release), restriction is still in place.
