How to make DomainKeys using Plesk 8.60 with external DNS control

KeysServer-generated emails on websites requiring registration or verification, often do get not through Hotmail and Yahoo Mail spam filters. Hotmail requires a valid SPF record which is easy to implement. And, Microsoft will whitelist your domain for Hotmail if you request it.

Yahoo filed a patent for the DomainKeys concept in 2003. They still use DomainKeys and require it especially for server-generated emails. Implementing it used to require running a Perl script to generate the key pair for the electronic signature. And, instructions for updating your server DNS are difficult to find.

Plesk 8.6.0 has DomainKeys built into the Plesk CPanel. However, there is one extra step that is critical if you control the DNS externally (for example, with Media Temple’s Account Center). Here’s how to do it:

In Plesk 8.6.0, go to the Server Panel click on the Mail icon and turn on DomainKeys globally. Then, you need to go the domain, click on the Mail icon, and turn on DomainKeys for that domain. Plesk 8.6.0 will then generate the key pair (public and private) and update your DNS records in Plesk.

However many Plesk users have disabled “named” to save resources and control their DNS from their Media Temple Account Center or other external service.

That means, you need to copy the 2 DNS entries for DomainKeys from the Plesk DNS settings to wherever you control the DNS. Make sure to copy the keys exactly.

DNS Zone

Once that’s done, wait for the records to propagate. Then, you can test your DomainKeys by sending an email from the domain to: which is a DomainKeys/DKIM reflector (autoresponder).

More background information is here.