Yuck. In this day and age, if I’m paying someone to provide email service for me, I don’t understand why this isn’t automated. Maybe because many of my provider’s clients have multiple domains? Still, it should be automated for each domain.<\/p>\n
Anyway, if you’re using Bluehost as your webserver and email provider (shared hosting, ie the cheapest plan), then you need to setup your email so that Yahoo, Hotmail, Gmail, and others don’t automatically flag emails from your domain (ie anybody@russandbecky.com) as SPAM. To do this, you need to setup DKIM (DomainKeys Identified Mail).<\/p>\n
On the plus side, the setup is actually pretty simple:<\/p>\n
At this point you just have to wait “4 hours” (in my case only a few minutes) for the DNS records to update. dkimcore.org mentions something about attaching a token to each outgoing email, but the Bluehost support staff assured me that I didn’t have to do anything else.<\/p>\n
Something that is confusing to me and friends I’ve talked to is that I didn’t have to do anything with the private<\/strong> key generated by dkimcore.org. Does Bluehost get it from them behind the scenes? That would be kinda sketchy. Is it not required for the system to work? Also sketchy.<\/p>\n Anyway, before I did this, when I checked the email headers to a yahoo acc\/ount I get<\/p>\n While after the changes I get:<\/p>\n For comparison, when sending from a gmail account to yahoo, I get:<\/p>\n Some related links:<\/p>\n I just got an email from Scott Cordon. Seems like something to try…<\/p>\n Very considerate of you to post your experiences with DKIM on your blog! I am also on Bluehost, have recently moved “up” to a VPS (lowest level) Noted that you have derived a 1024-bit based key for your DKIM. That was But some people seem to be doing it… just wondered whether you ran Any ideas or ramblings welcome.<\/p>\n Scott — Yuck. In this day and age, if I’m paying someone to provide email service for me, I don’t understand why this isn’t automated. Maybe because many of my provider’s clients have multiple domains? Still, it should be automated for each domain. Anyway, if you’re using Bluehost as your webserver and email provider (shared hosting, ie […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[14],"tags":[],"class_list":["post-478","post","type-post","status-publish","format-standard","hentry","category-technical"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p3p6ZE-7I","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/posts\/478","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/comments?post=478"}],"version-history":[{"count":9,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/posts\/478\/revisions"}],"predecessor-version":[{"id":514,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/posts\/478\/revisions\/514"}],"wp:attachment":[{"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/media?parent=478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/categories?post=478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/russandbecky.org\/blog\/wp-json\/wp\/v2\/tags?post=478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Authentication-Results: mta1247.mail.bf1.yahoo.com \u00a0from=russandbecky.org; domainkeys=neutral (no sig); \u00a0from=russandbecky.org; dkim=temperror (key retrieval failed)<\/pre>\n
Authentication-Results: mta1444.mail.bf1.yahoo.com from=russandbecky.org; domainkeys=neutral (no sig); from=russandbecky.org; dkim=pass (ok)<\/pre>\n
Authentication-Results: mta1340.mail.ne1.yahoo.com from=gmail.com; domainkeys=neutral (no sig); from=gmail.com; dkim=pass (ok)<\/pre>\n
\n
\n2017-01-08 Update<\/h2>\n
\nAppreciated; your tips page is also very good. I have used most of them
\nover the years.
\nThank you!<\/p>\n
\nbecause I can handle
\nlinux admin — have been doing for a number of years.<\/p>\n
\nwell-supported at one time.
\nI think gmail still insists on at least that level. However, most of the
\nworld seems to be moving on to
\n2048-bit keys … and alas, they don’t fit (easily) within the protocol
\ndesignated in the DNS TXT record
\nwhich identifies you. Not even sure the libraries and MTAs can put
\ntogether the UDP packet’s 255-byte-limited
\nsubstrings for a long DKIM key. I suspect you might get it into one UDP
\npacket, but not necessarily into one string.
\nTwo separate parts to the TXT record are needed, not sure about two UDP
\npackets…<\/p>\n
\ninto anyone on Bluehost who is doing it?
\nBy using 2048-bit keys, you can really lock in the power of cryptography
\nto use a key with a “chain” to validate
\nyour identity — and have a totally verifyable identity chain.<\/p>\n
\n(yep, if you want it done, DIY)<\/p>\n
\nScott Corcoran<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"