Hi guys hope everything having a marvelous time!
I’m very happy with hCP, and its performance is really good. I’m been doing some mail server setup and found out that there is one field which reduces the score of my email delivery. I have setup the DKIM as instructed in hCP and all the records as well!
Can I know how to fix this tiny error? 
Hi @Krithiv_7,
1.- You must be sure that you activated DKIM support for your mail domain.
2.- You are using two different DKIM public keys for the same selector (mail).
$ dig mail._domainkey.krithiv.my.id txt +noall +answer
mail._domainkey.krithiv.my.id. 288 IN TXT "v=DKIM1;t=s;p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwZ/gz8kRL6YQox3wFlUxqRTFijh2Pvnu9Z79PKUb7l88+o1mYjjsHz8+yhAaaGENsPB1B/RhKsYbOAEEBIIoecpzP4MDuLc7+I8o7ijxpyaAzhkFq1u409U9WtSBEO7h2HTzLjD9iC6mmxGq41EoJ0nfDB1vMd/r6fZbMP9jWF8tDKkQ1q/am2wgkON/t1cWTb/iY" "syCG+D0GwGyny2XlJpr6JmXM4ie+zUEN6y5JoHT9IvaFGZfOhk/1D24v9soYGvpTjuOA4u1fTvklSkBmvqHMdA+0qoVjVTRmS5KryqR7uT6Jns6JVKVH7r1YoDwo0oETrSN+xsqWy2F3v7r/S9hTYG8r2NdeQ2zr1seK2eQjFIcX9vvbDHjhyNwHMYIXLvzft10fubDPV5LsmNWEvrNN6a2NU9aWTkI95F4PTHSJkKjlCPLaTUN5Jesy76JYV+t" "AiDiEesI8JQAJ+l7RsxGD9aH1LjNfXdMD/UP65TdwAjRRvuIVabQoIstNt7ZRLECCmU1AfV1Sd8/hQy1s4t8UTaoH2U3pFdRaLb59BRxdQiA6OSVMV5iMEihb+1oemIVfxoNglxufZF/1mJgvuNfZJMlurxgE2bp7uDB6G5uJRCofXkrcRnXJFuRfJCDDb65I0ej+lNbLf1xsxc0hnIoqSnKKKEyoYpQOOXMd8UCAwEAAQ=="
mail._domainkey.krithiv.my.id. 288 IN TXT "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPwMu+rHOWZhSSxBc+LLfU/9Bcv6KucE3MyF3aBFGQdX8hm991rSI0iqud7FzdPKwv8aegEBAWkkmW1JhwnxCHC7sO+WXvqpwLVSvCZDE0hbdR2EayNwtPQzHTwdguQJWVwqR5pKmi9C0ZU/R4x8m0PU1LF4k8aQ04a2N+BuF9qGRM23PFLy+3+TWlsrrC7g3" "sXWxAP0/95BVgKXF78zKSnZCe4/dFyiyY4ZhlX/tsDErRMNCN7DeaPszbkad32PaIssTQ6B1tG2s+AbgCIQ80+W6JeRgv1UUsvc95icfrh61FBo72gsV0agTi+zPlXqItBHc55GRvaC359ra9DwOwIDAQAB"
Remove the one not used by Hestia.
Yes, my DKIM had two records and I didn’t even notice it! My bad 
.
After removing the records it works perfectly!
Thanks for your time😇
Your solution solved the DKIM authentication issue. I have issue with rDNS.
My rDNS is set to hosts.starverse.in and my sending domain is starverse.in and some more domains as well.
I have setup up a PTR record which points to 195.220.255.134.in-addr.arpa from domain. I still don’t understand how to fix this.
Your mail server identifies itself as hosts.starverse.in
$ telnet 134.255.220.195 25
Trying 134.255.220.195...
Connected to 134.255.220.195.
Escape character is '^]'.
220 hosts.starverse.in <-- your mail server's name ;)
quit
221 hosts.starverse.in closing connection
Connection closed by foreign host.
So the ip 134.255.220.195 PTR record should point to hosts.starverse.in. Said that, I don’t know where you add the PTR record but it doesn’t have any value yet.
$ dig -x 134.255.220.195 +short
Your hosting provider should have a section on the control panel to create the PTR for the ip, if you can’t see one, contact them, they should be able to help you to create the PTR record.
Hello again😁
I have created the PTR record for rDNS lookup. But I’m not quite sure I made the correct record. Can you check this.
Where did you do that? I’m asking because it isn’t showing the right record (at least not yet).
Your hosting provider uses these DNS servers (ns1.zap-hosting.com and ns2.zap-hosting.com) to resolve the PTR records but:
ns1.zap-hosting.com shows nothing (NXDOMAIN):
$ dig @ns1.zap-hosting.com -x 134.255.220.195 | grep status
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44694
ns2.zap-hosting.com REFUSES to answer.
$ dig @ns2.zap-hosting.com -x 134.255.220.195 | grep status
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 52827
Let me quote my comment 
So here is what I did. I made sure that hostname and rDNS of the points to hosts.starverse.in
After that I went to my Cloudflare dashboard and pointed the PTR record to hosts.starverse.in.
And this solves the issues I’m been facing!
Thanks for your time😁
Great, but only one of the DNS servers (ns1) is answering, the other one (ns2) is refusing to answer so there is something wrong with the second one and you should contact your hosting provider to know what’s going on.
$ dig @ns1.zap-hosting.com -x 134.255.220.195 | grep -E 'status|arpa\.\s[0-9]'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15297
195.220.255.134.in-addr.arpa. 600 IN PTR hosts.starverse.in.
220.255.134.in-addr.arpa. 86400 IN NS ns1.zap-hosting.com.
220.255.134.in-addr.arpa. 86400 IN NS ns2.zap-hosting.com.
$ dig @ns2.zap-hosting.com -x 134.255.220.195 | grep -E 'status|arpa\.\s[0-9]'
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 65171
This doesn’t make sense, why are you creating a PTR record on Cloudflare? And why hosts.starverse.in points to starverse.in?
I thought I’m supposed to do that, or aren’t I. Is it not required ? I’m confused. 
The PTR record must be added to the DNS servers of your hosting provider or the ones that manages the zone 220.255.134.in-addr.arpa. and in this case it is your hosting provider who manages them, not Cloudflare.
You hosting provider manages the zone 220.255.134.in-addr.arpa. using two dns servers; ns1.zap-hosting.com and ns2.zap-hosting.com and ns1 works fine but ns2 doesn’t and that is the reason you should contact to zap-hosting.com to know what the problem is.
So to put it in a simple way, the PTR records are only managed by the hosting provider and not the user. And users doesn’t need to setup PTR for their domain but request PTR record to hosting provider.
User need to tell their hosting provider what rdns they want. By default most hosting providers allow users to manage their own rdns.
Small chance some hosting providers need to be contacted to update rdns.
I don’t know much about it but I’m learning something new😊
Feels great to have fine community like this for support🤩
As @sahsanu said I’ll connect with zap-hosting, to know why ns2 isn’t working. Thanks for your time and guidance.
Also thanks to @elmo for helping me understand.
Now that my problem have been resolved, I’ll leave the topic for closing. Thanks for your time 
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.