Articles in this section

See more

When sending mail from Plesk server, DKIM validation failed because the public key is not available after DNS lookup

Avatar
Leonid Gukhman
Updated
Follow
Plesk for Windows Plesk for Linux kb: technical ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Symptoms

  • An external service for DKIM validation (for example DKIMvalidator.com) reports that DKIM is invalid because the public key is not available after DNS lookup.

  • DKIM key is returned by DNS lookup but it does not match DKIM key in Plesk.

Cause

There are several possible causes:

  • DNS service in Plesk is not adjusted properly (domain zone could not be visible for the DKIM validation service).

  • The used mail domain name is not real (i.e. mydomain.com, example.com, etc...).

  • DKIM related DNS resource records in the used domain zone are broken or removed.

Resolution

The following conditions should be met:

  1. The real domain name should be used to send emails from it.

  2. The domain should resolve globally to a correct IP from Plesk. If different IP is detected in the global DNS search, change the domain's DNS Settings.

  3. DKIM-related DNS resource records should be inside of the domain zone.

  4. Disable and enable again mail signing using DKIM in Plesk.

  5. Wait for the DNS propagation period. The changes made will be loaded, applied, and synchronized by DNS (it may take up 48 hours, but mostly faster).

How to check DKIM record

The following commands (same for Linux and Windows) should return the records:

# nslookup -q=TXT default._domainkey.example.com 8.8.8.8
...
default._domainkey.example.com text = "v=DKIM1; p=<DOMAIN'S_DKIM_KEY>"

# nslookup -q=TXT _domainkey.example.com 8.8.8.8
...
_domainkey.example.com text = "o=-"

Comments

3 comments

Sort by Date Votes

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles