If you have ever received an email from your bank, your lawyer, or your web design team, chances are it passed through a security check called DKIM. And if you have run into a DKIM error trying to send mail to one of our servers, you might be wondering why we are making life difficult.
Here is the truth: we are not trying to frustrate you. We are trying to protect our clients. Because when email security fails, people do not just get spammed, they get scammed.
What is DKIM, and why do you need it?
DKIM, short for DomainKeys Identified Mail, is like a digital wax seal for your emails. It proves a message really came from your domain and was not tampered with in transit. When your mail system signs an outgoing message with DKIM, it tells the receiving server: this message has not been forged, spoofed, or altered. You can trust it.
Without a successful DKIM check, our mail servers will not accept the message. It is not personal, it is protocol. Roughly one percent of all emails sent in South Africa fail DKIM checks, leading to bounced messages, spam filtering, or worse, an opening for fraudsters.
How to fix a DKIM error in cPanel
If you host your mail with cPanel, here is how to check and fix your setup:
- Log into cPanel. Go to yourdomain.co.za/cpanel and sign in.
- Open the Email Deliverability tool. Search for "Email Deliverability" in the cPanel search bar and click it.
- Find your domain. Any domain with issues will show as "Problems Exist".
- Click Repair. If DKIM is missing or broken, cPanel can usually fix it automatically.
- Copy the suggested DKIM record. If auto-repair fails, cPanel gives you a TXT record to add manually.
- Add the record to your DNS. If your DNS lives elsewhere, create a new TXT record with the name and value cPanel provides. A TTL of 3600 seconds is fine.
- Wait for propagation. DNS updates can take one to twenty-four hours. You can test with mxtoolbox.com or mail-tester.com. If you are still stuck, let us know and we will help.
Why this matters: invoice fraud is a real threat
Imagine you email a client an invoice for R150,000. Somewhere between send and receive, a criminal intercepts the message, changes the banking details, and forwards it on. The email looks completely legitimate: your name, your wording, your footer. Your client pays. But not to you.
This kind of attack is called Business Email Compromise, and it is on the rise, especially in industries where large payments are made by EFT and invoices are sent over email. According to recent cybercrime reports:
- Billions of dollars are lost globally every year to business email compromise.
- Hundreds of millions of rand are lost in South Africa alone to email-based scams.
- The vast majority of successful attacks start with a spoofed or manipulated email.
And yet most South African businesses still do not have proper SPF, DKIM, and DMARC records in place.
What Webnova does, and why
We run strict DKIM validation on our hosting platform because we have committed to protecting our clients. Yes, it occasionally blocks an email that does not meet the standard. But those same standards could save you hundreds of thousands of rand.
Email is no longer just a communication tool. It is a security gateway. DKIM is not an inconvenience, it is your first line of defence, and we are here to help you get it right. Need a hand checking your domain? Reach out and we will make sure your emails are not just delivered, but trusted.