Configure DKIM in cPanel

by | Apr 3, 2025

Verify outgoing email with DKIM

Use DKIM (DomainKeys Identified Mail) to reduce the chance of your users’ outgoing emails ending up in customer/supplier Spam or Junk folders.

DKIM configuration tool

Click on the headers below to follow our guide to configure DKIM using cPanel WHM and post your DKIM records in your domain name’s zone record at your domain registrar. Click on images to see in full resolution.

How to prepare

DKIM is already enabled on your web server. However, the service needs to be implemented. This is because the verification process requires checking a unique DKIM record which only you can add to your domain name’s “phone book” – we call the phone book a zone record. If we have ongoing access to your domain name, we would take care of this as part of the support we provide.

Before starting, you will need to understand where your domain name is managed. If your domain name is held at a domain name supplier using their nameservers, you will need to create DKIM records in the zone record at your supplier. If you own the domain, but we hold it in our management portfolio, then you might only need to make amendments in cPanel which will make things easier.

Therefore, before you proceed, prepare as follows:

  1. if in doubt, check with us where your records need modifying
  2. find your cPanel login credentials from our server information sheet
  3. (optionally) find the login credentials for your domain name supplier

We are able to manage domain names on behalf of clients. Domain name management is a critical function and unwitting errors can cause email and web site failure. If you are nervous about dealing with this technology, we can provide admin support – ask for help. For instance, if you do not have in-house expertise, we can take administrative custody of your domain to manage these kinds of jobs.

Step-by-Step instructions

1. Log in to WHM:

2. Access the DKIM Settings:

  • In the WHM dashboard, search for <Email>.
  • Click on <Email Deliverability>.

dkim configuration module

3. Select the Domain:

  • Choose the domain you want to configure DKIM for.
  • Click <Manage> next to the domain.

4. Enable DKIM:

  • In the DKIM section, click <Install the Suggested Record>.
  • WHM will automatically generate the DKIM record.

5. Copy the DKIM Record:

  • After generating the DKIM record, you will see a TXT record.
  • Copy the entire TXT record, including the v=DKIM1; part.

6. Log in to Your Domain Registrar:

  • Open your domain registrar’s website.
  • Log in with your credentials.

7. Access DNS Management:

  • Find the DNS management or zone file settings.
  • This section allows you to add or edit DNS records.

8. Add the DKIM Record:

  • Add a new TXT record.
  • In the Name field, enter the selector and domain (e.g., default._domainkey.yourdomain.com).
  • In the Value field, paste the DKIM record you copied from WHM.
  • Save the changes.

9. Verify the DKIM Record:

  • Go back to WHM.
  • In the <Email Deliverability> section, click <Manage> next to your domain.
  • Click <Check> to verify the DKIM record.

10. Test Your DKIM Setup:

  • Send a test email to ensure DKIM is working.
  • Use online tools like DKIMValidator to check if your email passes DKIM checks.

Tips for Non-IT Users

  • Take Your Time: Follow each step carefully.
  • Ask for Help: If you get stuck, don’t hesitate to ask your registrar’s support team.
  • Double-Check Entries: Ensure there are no typos in the DKIM record.
Summary

Business users do not have a lot of patience when it comes to email, and not a lot of people check Spam or Junk occasionally if at all. Email that is lost in this way costs business so DKIM, along with SPF (automatically configured for you already, DMARC, and Reverse DNS are necessary utilities for providing resilient email delivery.

Making adjustments to your domain name’s zone record requires exacting language and syntax. A missing character can cause a web site to cease functioning and disable your organisation’s email. Nor can you test a modification first – changes made have effect in real time.

Expert help available

We have decades of experience managing domain names on behalf of clients. If you are nervous about dealing with this technology, we can provide admin support for domain names and ongoing services – we can turn modifications in minimal time at reasonable cost and while saving you from risk of web site and email disruption – please ask for help if in doubt.

Configure Reverse DNS (RDNS)

by | Mar 4, 2025

Reverse DNS

Reverse DNS, also called rDNS, is used by email servers to verify your email has reached it from an email server and IP address that you own. rDNS is crucial for email deliverability and server reputation. For instance, web site contact forms often fail because Reverse DNS is not configured properly and emails are dropped before reaching a web site owner’s Inbox. This is why SPF, rDNS, DKIM, and DMARC are so important in business email.

Reverse DNS

Your web server’s zone record is already configured to a rDNS mapping so you should not need to intervene unless you are operating exceptional circumstances.

Click on the headers below to follow our guide to record a Reverse DNS/PTR record in your domain name’s zone record at your domain registrar. Click on images to see in full resolution.

How to check rDNS is configured

At the moment, your web server already resolves rDNS, and the record posted in cPanel > Email > Email deliverability should already resolve to:

  • Name: 10.183.202.88.in-addr.arpa.
  • Value metal1.namesfirst.net.

Note that the IP address is recorded in the <Name> field. This is usually illegal logic, and that is why this record has to be specially handled by the owner of the IP address block your server relies on: it requires a “reverse” entry which means it has to be handled at “datacenter” level.

rDNS is a not always an easy DNS feature to deal with. Please contact us for advice if you are in doubt about your server configuration.

Summary

Reverse DNS is an important tool that remail servers rely on to verify that email you send is recognized as valid. Without this validation, you may send email that is rejected or dropped before it reaches a recipient’s Inbox.

Making adjustments to your domain name’s zone record requires exacting language and syntax. A missing character can cause a web site to cease functioning and disable your organisation’s email. Nor can you test a modification first – changes made have effect in real time.

Expert help available

We have decades of experience managing domain names on behalf of clients. If you are nervous about dealing with this technology, we can provide admin support for domain names and ongoing services. We can turn modifications in minimal time at reasonable cost while saving you from risk of web site and email disruption – please ask for help if in doubt. 

Why Authoritative Nameservers Matter for Your Web Hosting Setup

by | Feb 8, 2025

Introduction

Use this article to understand how a domain name relies on authoritative namservers to connect web site viewers and email users to your web server. This article is intended for Comstat.uk clients who have bought domain names elsewhere who intend to maintain the domain names in their own portfolios. This requires more client input and can delay restoration of services in the event of outages.

If you maintain your domain names within ComStat.uk’s management portfolios we can provide streamlined support because we can access your domain names’ zone records 24/7 without recourse to clients. This means we can fix authoritative nameservers without reverting to you.

For instance, in the event of an outage while you are away on holiday, or you cannot access your domain name control panel because you have no phone signal to handle 2FA, your web site service could be disrupted until someone can get to your domain name control panel to resolve problems. So, it is important to understand how your authoritative nameservers operate and who is repsonsible for the dashboard that manages them.

Click on the headers below to find out about how to decide where to locate your authoritative nameservers. Click on images to view at full-sized resolution.

What are Authoritative Nameservers?

Authoritative nameservers hold the definitive records for a domain name that operate your email, website availability, and other services. Conventionally, two or more authoritative nameserves are in operation in case one server fails. Authoritative nameservers answer queries about domain names with the most accurate and up-to-date information about your web site, email server, and more.

For instance, if you want to send an email, your computer has to find your authoritative nameserver to find out how to send your outgoing email. Also, it has to find where to send the email. Lastly, the receipient’s email server has to verify that email is legitimate, so it is critically important that your authoritative nameservers are operational and capable of demonstrating a good “score”. If your authoritative nameservers are not recognised and do not achieve adequate safety metrics, your emails will be dropped or sent to spam.

Authoritative nameservers work behind the scenes to translates domain names (like comstat.uk) into IP addresses (like 192.0.2.1). To read this article, your computer had to find where the web server was that hosts the page you are reading. Often, a web site operates from one server, and email from another. Authoritative nameservers define where your services are established. 

Using a domain name supplier's Authoritative Nameservers

When you buy a domain name your domain name supplier will provide standard authotitative nameservers which point to your domain name’s “zone record” – a phone book – which describes where your web site is, and where your email server is. Also, it provides room for you to define records to help prove that your email is legitimate and many more things. It is important that it is secure, and safe from malicious hijack. 

 

Pros:

  •  Reliability – good security, robust global availability

Cons:

  • Limited control – limited customization options
  • Dependency – you rely on the registrar for DNS management
  • Manual entries – records have to be transcribed from your cPanel zone record (e.g. webmail.domainname.com)
  • Complexity – different suppliers adopt differing methodologies for scripting records
  • Resolution – some suppliers take up to 72 hours to resolve DNS
Using your web server for Authoritative Nameservers

When you use your web server as your authoritative nameservers, you modify records at your domain name supplier so that your web server become your authoritative nameservers. This is easy to do: you replace the standard nameservers in your domain name’s control panel with your web server’s nameservers which we will establish for you. For instance, we use nameservers like ns1.namesfirst.net and ns2.namesfirst.net. Once the nameservers are modified, all records dealing with your web site, email, webdisk, etc., are handled via cPanel.

 

Pros:

  • Control – you/we can make changes instantly
  • Integration – seamless integration with your email, web site, etc.
  • Customization – you can tailor DNS to specialized needs
  • SSL – cPanel can automatically align SSL certificates with your web server

Cons:

  • Security – teh onus is on the web server owner to protect against intrusion
Summary - which one?

Entry level web hosting services do not do much more than provide a web site, and email is usually bought as a separate service. As businesses outgrow entry level web hosting, the realities that larger business face become more evident.

If you operate a web site via cPanel which includes email, and you intend to use services like Webdisk and automated SSL, it is probably less effort to use your web server as an authoritative web server.

If you want to provide extra security against a malicious person hacking your authoritative nameserver, consider managing things at your domain name supplier. This will mean copying records from cPanel however, and may limit how your SSL certificate works. Also, our ability to restore services in the event of authoritative nameservers depend on us being able to reach you.

In some cases, we also manage authoritative nameservers for clients at Cloudflare and Microsoft 365. Both provide Enterprise grade suecurity and resiliency. How your email and website are organised influences how we need to deal with your authoritative nameservers.

Without a working authoritative namserver, web sites, email, and more cease to work. So, at some point businesses have to develop in-house skills or outsource help to manage this critical Internet technology.

To discuss how best to manage your domain name and how best to establish your authoritative nameservers, contact us using the WhatsApp link or arrange a convenient time for us tr contact you via our contact page.

 

Add SPF to your DNS zone record

by | Feb 4, 2025

Authenticate your outgoing email with SPF

Use SPF (Sender Policy Framework) is a utility that lists all the server IP addresses that a domain name can use to send emails from.

cpanel SPF record

Click on the headers below to follow our guide to manage SPF record using cPanel WHM and then post your SPF record in your domain name’s zone record at your domain registrar. Click on images to see in full resolution.

Why is SPF important?

Most people who rely on a contact form have experienced what happens when SPF is not working.

For instance, your business might use Microsoft 365 (i.e. Exchange). Exchange handles all staff email and its servers use IP addresses to do so. Now, imagine that your business also has a web site with a contact form but the web site sends contact form email from a different IP address than Microsoft Exchange uses for everyday emails: the contact form uses the web server’s IP address. SPF means your business can validate the web site’s server IP address. Without properly configured SPF, the contact form would not work. You would never know you lost a sale. At best, contact form email might end up in Spam/Junk.

How do I configure SPF?

If your web server is configured for email, you might not need to do anything at all. If you already use another email service for regular email, you may need to amend your existing SPF record where you manage your domain name to include the IP address for your contact form. The best thing to do is to contact us first for advice.

Step-by-step instructions

This guide assumes that you need to create an SPF record at your domain name supplier, but you want to operate your email from our new web server.

1. Log in to cPanel

  • using your web server configuration sheet, log into cPanel
  • navigate to <Email>
  • click on <Email deliverability>

2. Find your SPF record

  • towards the top of your page, you will see a section for SPF, like you see in the screenshot below.
  • the SPF <value> is the entry you need to modify your existing domain name record where you manage your domain name – copy the record from cPanel.
  • go to your domain name supplier

cpanel SPF record

3. Create or edit your SPF record

  • log in to your domain name manager or zone editor
  • if there is no SPF record, create a new TXT or SPF record, and enter the the values from cPanel
  • if there is an SPF record, copy the existing record an paste/save it so you have a last known working state
  • if the existing SPF record handles other email alredy, you will need to determine how to add your web server’s IP address to the entry. This is because you use one SPF record to define all IP addresses that need to be covered.

SPF can be the simplest of protocols to implement, especially if you are operating all email from your web server and your domain name uses our nameservers. However, SPF needs to be able to cope with diverse eventualities, and it may need configuring for multiple IP addresses that handle email for your business. If in doubt, contact us for advice.

Summary

SPF is already configured if your web server includes email services, so there is nothing to do if we manage your domain name for you and all your email will be handled from your web server.

In most other cases, you should contact us for guidance before you make changes anywhere. If you do make changes to existing records, be sure to copy/paste/save those records so that you can resort to a last known working state if problems develop.

DNS is not a forgiving technology, and if you are nervous about making real time changes that might disrupt your web site and/or email, please contact us at the very least for advice.

Expert help available

We have decades of experience managing domain names on behalf of clients. If you are nervous about dealing with this technology, we can provide admin support for domain names and ongoing services. We can turn modifications in minimal time at reasonable cost while saving you from risk of web site and email disruption – please ask for help if in doubt.

 

Outlook templates

by | Jan 28, 2025

Resend Message tool for email templates

<Resend message> is an easy method for creating and managing email templates in Outlook.

Template tools are not intuitively easy to organize in Outlook and require detailed knowledge. One option is to use Signatures to manage templates. Signatures can be inconvenient too when you want to save a longer of standardised emails this way.

Instead, use <Resend Message> to build a library of standard form emails to improve efficiency.

Click on the headers below to find how to use this option.

About Resend message utility

To use <Resend message> in Outlook open a previously sent email. Then, using <Resend message> Outlook strips the email headers from the original email leaving you with a draft email and subject header which only needs a new email address adding to it. before sending or scheduling as normal.

You can copy emails that you want to save as templates this way to a folder which you could, for instance, call Templates. Also, you could use Outlook Categories to tag emails in Sent Items as templates.

Use Resend Message in Advanced Options

To use the <Resend message> option see screenshot below and follow this workflow:

  1. Open the e-mail you want to send again
  2. Click down the three dots towards the upper right of the editing window
  3. Click <Advanced Options>
  4. Click <Resend message>
  5. Edit the e-mail as necessary
  6. Send as normal

Using Advanced options to resend email

 

Use Resend Message using More Options

Often, <Resend message> is available on Outlook message editor toolbar. Click on the three dots for <More options> and select <Resend message> from the drop down menu. At time of writing, <Resend message> cannot be added to the toolbar with a button.

Resend message using More options in Outlook toolbar

 

Summary

Outlook can be difficult to use at face value for some tasks like templates. Partly, this is because larger organizations rely on IT deparatments to automate functions like templates at a server level so that staff have ready-made presets.

Those same tools are available in smaller business that use Microsoft 365/Exchange/Outlook. In smaller businesses, staff tend to have to do more for themselves because server level presets are not usually deployed.

Using <Resend message> is the simplest of Outlook’s desktop options for creating and managing templates.