I just found out that out of the box, the DKIM configuration for cPanel/WHM didn’t pass. Here’s what I did to fix it.
The Fix
First off, make sure that DKIM and SPF signing is enabled. This can be done inside cPanel via Email > Authentication. If both are enabled, login to WHM. Then head to DNS Functions > Edit DNS Zone. Pick the domain that requires the DKIM signing.
Look for the default._domainkey entry in a TXT record. What I have is this:
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+KxqqosNNcrPXOKcFJf2k3dX+LNM9+mE+7zttzo31vDniqOauHaArvZNfbKBvZDhgSde7I+GZF2yxXE5qHnZ8xizD7x4Rw2VT8mTPBD8hk7NE2cbwt5ub4kV2/vmi7YQld1CM4nqM+rO4dAGvGSV5lqCjPLCAalr4ymOyulF3vcYWNXfzbR6somy6Tjughn3" L4oZNmeBsimo1+u4+YyxtD6/nwhP8nafi8S0fsBH/94z0u/L/gZEhPX3Sl8P5j6AMdS9+dq06FICjUGKwCR+k84g0UYu1RJ44QkyrsvDDy95eX2WSU2s1Kz5P/qjtaST02dGPWaPBew3+0vDUwZwwIDAQAB\;
Then I edited the record to become this:
v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+KxqqosNNcrPXOKcFJf2k3dX+LNM9+mE+7zttzo31vDniqOauHaArvZNfbKBvZDhgSde7I+GZF2yxXE5qHnZ8xizD7x4Rw2VT8mTPBD8hk7NE2cbwt5ub4kV2/vmi7YQld1CM4nqM+rO4dAGvGSV5lqCjPLCAalr4ymOyulF3vcYWNXfzbR6somy6Tjughn3 L4oZNmeBsimo1+u4+YyxtD6/nwhP8nafi8S0fsBH/94z0u/L/gZEhPX3Sl8P5j6AMdS9+dq06FICjUGKwCR+k84g0UYu1RJ44QkyrsvDDy95eX2WSU2s1Kz5P/qjtaST02dGPWaPBew3+0vDUwZwwIDAQAB
I removed the first double quote, the double quote in between, then the back slash and the semi colon on the last part. Make sure to save after the edits.
Tools Used for Testing
With the DNS records correctly figured for reverse lookup. I got a 10/10 score on mail tester:
Tools used to verify validity of the DKIM and SPF records.
Mail Tester.
DKIM check of mxToolBox.
Email verification of port25.
Hope this helps ^_^