Hestia CP - this is one of the most popular, simple and convenient panels for managing sites, with its help you can add new sites, work with mail and databases, Cron, updates, file manager, the ability to add SSL.
DKIM (DomainKeys Identified Mail) is an E-mail authentication method designed to detect spoofing of email messages
DKIM technology combines several existing anti-phishing and anti-spam methods to improve the classification and identification of legitimate email
Instead of a traditional IP address, DKIM adds a digital signature associated with the organization's domain name to identify the sender of the message. The signature is automatically verified at the recipient's end, after which whitelists and blacklists are applied to determine the sender's reputation.
DKIM is configured for each domain, so you will have the option to enable it when you create a domain, as shown in the figure below.
Once the domain has been created, you must now create a text (TXT) record for the domain using its DKIM public key.
Using SSH and the command you need to get the DKIM public key.
v-list-mail-domain-dkim USER DOMAIN [FORMAT]
Which will take the name of the user in which the domain was created and the domain itself as arguments, you can get private and public keys
The bottom part of the output will be the public key of the DKIM domain.
- After that, you need to create a file with a .txt extension, placing a TXT record in it, which should be added to our DNS panel.
The content of the file will be like this:
mail._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA4GNADCBiQKBgQDlTDn8Yqb5kQ0pzaR/4DBTF4Y5jIKSJY1DAE1WFcG88qpIc66cmQdeNjfpovZzUWynuS6GropUodNbUsw+wvj/AcU58udlQgKL0BYtMaYSm+xbEdv5N6UAoOhOrxcXmQ/NXNzUDbsyjr49EaDyRd25B8Jh3U6KSi3WSZzn+rKwIDAQAB" ; ----- DKIM key dkim for mecmep.site
mail._domainkey - entered in the Host field.
"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUA4GNADCBiQKBgQDlTDn8Yqb5kQ0pzaR/4DBTF4Y5jIKSJY1DAE1WFcG88qpIc66cmQdeNjfpvZzUWynuS6GropUodNbUsw+wvj/AcU58udlQgKL0BYtMaYSm+xbEdv5N6UAoOhOrxcXmQ/NXNzUDbsyjr49EaDyRd25B8Jh3U6KSi3WSZzn+rKwIDAQAB"
Entered in the Value field, you can leave the double quotes for convenience.
NOTE: the key must be a single line - if there are line breaks, you must copy the key into notepad and remove them to make one long line.
SPF (Sender Policy Framework) is an extension for the SMTP e-mail sending protocol.
SPF allows the owner of a domain, in a TXT record corresponding to the domain name, to specify a list of servers authorized to send e-mail messages with return addresses in that domain.
Mail transfer agents that receive mail messages can query SPF information with a simple DNS query, thus verifying the sender's server.
SPF allows you to specify servers and IP addresses that are allowed to send mail from your domains. This feature is designed to block outgoing unwanted messages.
The SPF record is written in the TXT record of the domain. Actually you need to add a TXT record and put the SPF record in its value.
In the SPF record you have to specify the server IP from which the messages will be sent. Instead of 111.11.11.111, write the IP address of your server:
"v=spf1 +a +mx +ip4:111.11.11.111 ~all"
Entered in the Value field, you can leave the double quotes for convenience.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) — a standard that adds an additional layer of email verification and protection against phishing and spoofing.
DMARC allows a domain owner to specify, via a TXT record, the verification rules for messages and the actions that should be performed by mail systems when receiving a message on behalf of the domain. The main purpose of DMARC is to help recipient mail servers recognize fake emails and decide how to handle them.
The DMARC system defines:
- Verification Policy (p parameter), which indicates what to do with emails that fail authentication (e.g., none for gathering reports, quarantine for moving to spam, or reject to deny delivery).
- Addresses for Reports (rua and ruf parameters), which specify where the data on checks and failures should be sent for analysis by the sender.
DMARC works in tandem with SPF and DKIM, allowing determination of whether messages are authentic. If a message fails SPF and/or DKIM checks, the DMARC policy will decide whether to block it, mark it as spam, or simply send a report to the domain owner.
In the Hestia panel, select the domain for which you want to set up the DMARC policy and go to the DNS Records section.
Copy the DMARC record and add it to the DNS panel of your domain.
_dmarc - entered in the Host field.
"v=DMARC1; p=quarantine; pct=100"
Entered in the Value field, you can leave the double quotes for convenience.
If you have difficulties in setting up or have additional questions, you can always contact our support team via Ticket system.