View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions mail gets to spam inboxes : DKIM solution?
Log in to Ask a Question

mail gets to spam inboxes : DKIM solution?

email

So I've set up citadel, made SPF work, set my reverse DNS lookup to be correct. But still, it gets to junk folders.

So does this mean I have to set up DKIM? Has anyone else set up DKIM with citadel?

This has been one mind-crushing process. The slow DNS updates, the confusing information, .. curse those spammers

10 Replies

@underthesun:

So does this mean I have to set up DKIM? Has anyone else set up DKIM with citadel?
I use dkim-milter with postfix so I can't help you directly, but here are some instructions for setting up DKIM with citadel.

I wouldn't expect DKIM to be some kind of magic bullet though. If you are getting tagged as junk now a DKIM signature is not likely to improve your chances of getting through.

The machine that is tagging messages as spam should be adding headers to explain why. It could be (lack of) DKIM, it could be content, it could be your IP is blacklisted… if you don't know what the problem is, you'll just be chasing your tail.

Look at the full headers of the messages being classified as junk.

Just check if you are in any blacklist on mxtoolbox.com. It could help!

SelfishMan was a big help to me in the Linode IRC channel. I got it working for the most part, after fighting through Yahoo and Micrsoft Spam Filters… I didn't exactly give up, but I decided that its probably better for my clients if I used Google Apps for Domains. I could have hosted my own email services and fought spam filters and such, or I could let Google deal with it.

I would like to say that Google is probably not for you if you're hosting or have anything to do with privileged or private information. Not that people at Google look through your emails, but they have the power to. Security: Host it yourself. Easy and Power: Use Google.

To answer your question I had to set up DKIM, DomainKeys, SPF, SenderID, and other stuff: Microsoft finally stopped marking me as spam, but Yahoo still did when I went to Google Apps. Don't expect much help from Yahoo/Microsoft as far as Spam filters. They have a postmaster help section that tells you what you need. I did everything they required and was still being marked as Spam. Emailing Microsoft using their Postmaster questions page was emailing a black hole. Yahoo has a system where any emails marked as spam from your domain get sent to you, so you can fix the problem, though it never helped me because I didn't give it a chance. Google seems to be the only one of those three that answers emails, but Google never marked me as spam even when I only has SPF (no DKIM/DomainKeys/SenderID or matching rDNS).

I am having a problem with my TXT records.

I think this may relate to the way the Linode DNS manager works. For example, I enter for the name "domainkey.site.com" and when I check the record it shows up as "domainkey".

Further, when I go to DNS records tools and have them pull my txt records for site.com, _domainkey.site.com is never pulled. Moreover, I have dkim and domainkeys correctly installed and configured, and they are signing outgoing emails. But when I send them to reflector accounts to test them, all reflectors state that they were unable to pull my public key from my txt records.

I migrated over from slicehost about 2 days ago and had domainkeys and dkim correctly working. At slicehost, my txt records were "_domainkey.site.com".

Any ideas? Does linode DNS manager delete the TXT record suffix for some reason? Is this berserking my domainkeys and dkim setup?

Thanks,

Ryan

I know nothing about DKIM and DomainKeys, but have successfully used the Linode DNS manager to publish TXT records. Once you've entered the record, try dig _domainkey.site.com txt from another host to make sure it's working. It's difficult to help diagnose your specific problem unless you post your real site name here.

The linode guys responded to my ticket. Apparently adding the site.com is a nono. They informed me that their DNS server automatically appends site.com and that having "_domainkey.site.com" messes it up.

So, I changed the entries from "domainkey.site.com" to "domainkey" and it worked properly.

This was not a big deal since the linode team responded so quickly - although this is counterintuitive because it relies on a specific unpublished feature of the linode DNS manager. I migrated over from Slicehost and their DNS servers most definitely require that your txt records be entered as "_domainkey.site.com".

Ahh well. Thanks again.

@deadwalrus:

Apparently adding the site.com is a nono. They informed me that their DNS server automatically appends site.com and that having "domainkey.site.com" messes it up. Not as much a "nono" than not giving the expected result. If you enter "domainkey.site.com" into your Linode DNS manager, you'll only end up with the host name "_domainkey.site.com.site.com" instead.

Hey, I don't know this is helpful but I found this page on DKIM and SMTP http://www.smtp.com/corporate.html which at least explains some details and uses of DKIM and other email authentication. You have to scroll down to the section titled "Reputation Guard". Sorry if this is coals to Newcastle! :)

Oh Domainkeys you are my nemisis :(

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct