Achieve 10/10 Email score with CyberPanel!

Sending emails to the inbox is always a tricky thing for even experienced system administrators, running a healthy email server requires great attention. I will be mostly talking about transactional emails in this article, even though it can be applied to marketing emails. Some companies process a large number of transactional emails on daily basis (in millions). Transaction emails involve:

• Account Confirmation Emails (while registration).
• Password Reset Emails (When you forgot the password for some reason).
• Purchase confirmation emails.
• and a lot more…

These emails are much more important, and any company can not afford to have such emails land in spam/junk folder. For say if a purchase confirmation email lands in the spam folder, a company is going to lose a potential customer if they do not check all their folders (thinking email never arrived). Which is why even transactional emails have great importance. There are four things that Google recommends you to have:

1. Keep a valid RDNS record against the hostname your mail server is using.
2. Publish an SPF record.
3. Sign messages with DKIM.
4. Publish a DMARC policy.

You can read more about these technologies in our previous article:

How to Manually Set up SPF, DKIM and DMARC Inside CyberPanel

Even after setting all of the above things, your email might end up in spam, from their onwards it totally depends upon the content of your email and how people are reacting to your emails. If they are marking your email as Not Spam then soon you are going to land emails in the inbox. But setting up these 4 things is a must thing and a good start.

Early Days

In early days of CyberPanel, you have to do this all manually. You have to manually setup hostname for your mail server. Please note that hostname here refers to RDNS that you have set. But now you can do that from CyberPanel using the guide below:

SSL For PostFix/Dovecot

This not only issues Let’s Encrypt SSL for PostFix/Dovecot but also set the same domain as the hostname for your mail server, so choose this domain carefully. After setting up hostname you have to take care of SPF, DMARC and DKIM your self. This task is very painful and confusing for people. For your reference these records look like:

If you still want to do it the old fashion way, you can create these records manually, replace talkshosting.com with your domain and 192.168.100.1 with your server IP Address. Note that I’ve not pasted the whole value of DKIM record, as it was too long to fit in one box. And to manually set up all of these records you can follow this guide:

How to Manually Set up SPF, DKIM and DMARC Inside CyberPanel

What happens now?

Early days were harsh for us, we need to do everything related to email manually which is not very pleasing. Before moving forward you need to upgrade CyberPanel or install the latest version of CyberPanel. While creating a website on version 1.6.4 (and after) you have another option DKIM Support. What happens if you don’t opt for DKIM Support? We still have following records automatically created:

But you can clearly see that our DKIM record is still missing, you can create dkim keys even you didn’t opt for it while creating a website. From this point onwards we will see how we can achieve 10/10 score on http://www.mail-tester.com

The road to achieving 10/10 Mail Score!

Achieving 10/10 mail score may be very hard for some system administrators. In this article, we will see how we can do exactly that.

Step 1: Install or upgrade CyberPanel

Before moving forward you need to upgrade CyberPanel or install the latest version of CyberPanel, so that you are on latest version which contains DKIM Manager (v1.6.4 and after).

Step 2: Make sure CyberPanel is handling your DNS

Nothing is going to work if your DNS is not managed by CyberPanel. We will discuss what to do if DNS is not managed by CyberPanel later in this article. Read the guide to make sure your DNS is managed by CyberPanel:

HOW TO REGISTER PRIVATE NAME SERVERS ON NAMECHEAP OR GODADDY WITH CYBERPANEL!

Step 3: Setup RDNS and Hostname!

This step is very important, I am using talkshosting.com as a hostname in this article. If I check RDNS of my IP Address it should point back to this domain. You can check this here.

As you can see my IP Address points back to talkshosting.com, you should point to your domain. Once you set the RDNS, follow the guide below to setup same domain as a hostname on your mail server too:

SSL For PostFix/Dovecot

So far so good, we now need to create our website with DKIM Support.

Step 4: Create Website with DKIM Support

While creating website remember to check the DKIM Support box.

Once a website is successfully created, following records will automatically be created:

Creating DKIM Records Later If for some reason you have not created DKIM records while creating a website you can do so later by navigating to https://:8090/email/dkimManager This will generate DKIM keys and also publish those DKIM public key to your DNS record, which is exactly the same as having DKIM Support while creating a fresh website.

Step 5: Verify your email Score

It is time you verify your email score, open https://www.mail-tester.com/ on your browser. They will provide you with temporary email, you need to send a test email to this email.

And once you click THEN CHECK YOUR SCORE, it should be giving you following output:

How sweet, how hard was it? It was so easy. You need not do anything extra on your end if your DNS is managed by CyberPanel.

What to do if DNS is not managed by CyberPanel

If your DNS is not managed by CyberPanel, you can generate DKIM keys from CyberPanel and publish them where ever your DNS is hosted. First, let’s create other necessary records:

Replace domain and IP Address with your domain and IP Address respectively. Once SPF and DMARC are created you then need to generate DKIM keys from CyberPanel, for that navigate to: https://:8090/email/dkimManager Once generated, you will get Private and Public keys, you need to copy public key and form your DKIM record. Record Type: TXT Record Value: default._domainkey.yourdomain.com Record Value: v=DKIM1; k=rsa; p=<PASTE THE PUBLIC KEY YOU GOT FROM CyberPanel>

Your final records in your domain registrar must contain these four entries:

And that is all if you are hosting your DNS somewhere else.

Read and send email through Gmail

You can also read and send email through Gmail. Open your Gmail account, go to Settings and then Accounts and Import.

This will open a window:

Enter the email address you have created inside CyberPanel and click Next. On the next window select Import emails from my other account (POP3) and click Next.

1. Use complete email as username.
2. Enter your email password which you set via CyberPanel while creating this email.
3. On the third box, enter the same domain for which you issued SSL (RDNS/Hostname).
4. Choose port 995.

Make sure to leave a copy of retrieved messages on the server too, otherwise, they will be deleted from the server, and then click Next. It will then ask you if you also want to use Gmail to send emails from this email.

It is recommended to select the first option as selected in the image above, you can then send emails via Gmail too.

For emails to be sent via Gmail you need to configure SMTP settings that Gmail can use to connect to your mail server.

1. On the first box, you again need to enter mail server hostname.
2. Use port 587.
3. Username is same as your email.
4. Enter your email password which you set via CyberPanel while creating this email.

And click Add Account, Gmail will send you a verification email, click the link inside the email and you are done. You will now receive emails inside your Gmail. You can also use Gmail to send an email via the same email.

Conclusion

How easy it was to achieve 10/10 score for your email, for other domains you can do that same. It will be easier if you use CyberPanel to manage DNS for your other domains too, this way you will not have to manually create DNS records at your domain registrar. Feel free to comment below join our Facebook group or Discord for any help. You can also create a helpdesk ticket.

Goog Work, The Pursuit of Happyness.

DKIM is not valid, I have attached the screenshot

Looks like your DNS is not managed by CyberPanel. In such case you need to add records in your domain provider as described here.

Mine says 10/10, yet people with Gmail cannot send emails to my website email.
But Hotmail and any other email provider can.
But they all show this, even if my DKIM is valid through Cloudflare.

Gmail says my website email does not exsist.

https://www.mail-tester.com/test-gkmx43p4b

Mail-tester is only concerned with outgoing mail and has nothing to do with incoming mail.

What information is in the ‘mail undeliverable’ message that people sending from gmail get back, that should be your starting point for trying to diagnose the problem.

This is the error from every gmail user.

Looks like you are using Cloudflare for mail routing?

In that case you are probably better asking Cloudflare support or in the forums there.

I’m not using cloudflare for routing. I took the cloud off the mail a dns. Just like the 10/10 tutorial.

Strange, most of the different tests I have run show that CloudFlare is still being used for routing and that there is an issue with Route Origin Authorization.

See the bottom section of this test - Email test: newstargeted.com (internet.nl)

Hm, interesting.
I removed the 3 lines, i guess it was from the time I was trying to get Cloudflare email to work.
But sadly it failed because it refuses to set up an email server within the same IP as the VPS for some reason.

But now that I removed these 3, it works
Thanks

No problem, glad you got it working.

how did you add reverse dns? I couldn’t add

You need to do that from VPS hosting panel not from cyberpanel.

i don’t have vps hosting panel, i installed cyberpanel on centos 7

You installed on your own server?

yes, I created my own server

Hi, I have added in VPS Provider.

i sent to test-mailer, and i got a 10/10. but when i tried sending with the webmail, my emails kept going to spam…

secondly, using the WP SMTP, i got an error. it did not send a test mail.

the error was:

**Versions:**
**WordPress:** 6.0.3
**WordPress MS:** No
**PHP:** 8.1.4
**WP Mail SMTP:** 3.6.1

**Params:**
**Mailer:** smtp
**Constants:** No
**ErrorInfo:** SMTP Error: Could not authenticate.
**Host:** mail.vcfdw.us
**Port:** 587
**SMTPSecure:**

tls

**SMTPAutoTLS:**

bool(true)

**SMTPAuth:**

bool(true)

**Server:**
**OpenSSL:** OpenSSL 1.0.2k 26 Jan 2017
**Apache.mod_security:** No

**Debug:**
Email Source: WP Mail SMTP Mailer: Other SMTP SMTP Error: Could not authenticate.

**SMTP Debug:**

2022-10-18 01:11:03 Connection: opening to mail.vcfdw.us:587, timeout=300, options=array()
2022-10-18 01:11:03 Connection: opened
2022-10-18 01:11:03 SERVER -> CLIENT: 220 vcfdw.us ESMTP Postfix
2022-10-18 01:11:03 CLIENT -> SERVER: EHLO vcfdw.us
2022-10-18 01:11:03 SERVER -> CLIENT: 250-vcfdw.us250-PIPELINING250-SIZE 30720000250-ETRN250-STARTTLS250-ENHANCEDSTATUSCODES250-8BITMIME250-DSN250 CHUNKING
2022-10-18 01:11:03 CLIENT -> SERVER: STARTTLS
2022-10-18 01:11:03 SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
2022-10-18 01:11:03 CLIENT -> SERVER: EHLO vcfdw.us
2022-10-18 01:11:03 SERVER -> CLIENT: 250-vcfdw.us250-PIPELINING250-SIZE 30720000250-ETRN250-AUTH PLAIN250-AUTH=PLAIN250-ENHANCEDSTATUSCODES250-8BITMIME250-DSN250 CHUNKING
2022-10-18 01:11:03 CLIENT -> SERVER: AUTH PLAIN
2022-10-18 01:11:03 SERVER -> CLIENT: 334
2022-10-18 01:11:03 CLIENT -> SERVER: [credentials hidden]
2022-10-18 01:11:05 SERVER -> CLIENT: 535 5.7.8 Error: authentication failed:
2022-10-18 01:11:05 SMTP ERROR: User & Password command failed: 535 5.7.8 Error: authentication failed:
SMTP Error: Could not authenticate.
2022-10-18 01:11:05 CLIENT -> SERVER: QUIT
2022-10-18 01:11:05 SERVER -> CLIENT: 221 2.0.0 Bye
2022-10-18 01:11:05 Connection: closed
SMTP Error: Could not authenticate.

please i would really appreciate your help

In the last step you connect your mail through Gmail, but how did you do that? I tried to do the same but it can’t connect I got the error. All ports is opened. What to do with it?