- Plesk for Linux
- Plesk for Windows
An external service for DKIM validation (for example DKIMvalidator.com) reports that DKIM is invalid because the public key is not available after DNS lookup.
DKIM key is returned by DNS lookup but it does not match DKIM key in Plesk.
There are several possible causes:
DNS service in Plesk is not adjusted properly (domain zone could not be visible for the DKIM validation service).
The used mail domain name is not real (i.e. mydomain.com, example.com, etc...).
DKIM related DNS resource records in the used domain zone are broken or removed.
The following conditions should be met:
The real domain name should be used to send emails from it.
The domain should resolve globally to a correct IP from Plesk. If different IP is detected in the global DNS search, change the domain's DNS Settings.
DKIM-related DNS resource records should be inside of the domain zone.
Disable and enable again mail signing using DKIM in Plesk.
Wait for the DNS propagation period. The changes made will be loaded, applied, and synchronized by DNS (it may take up 48 hours, but mostly faster).
The following commands (same for Linux and Windows) should return the records:
# nslookup -q=TXT default._domainkey.example.com 22.214.171.124
default._domainkey.example.com text = "v=DKIM1; p=<DOMAIN'S_DKIM_KEY>"
# nslookup -q=TXT _domainkey.example.com 126.96.36.199
_domainkey.example.com text = "o=-"