Ability to disable and enable DKIM enforcement inbound per Domain Name / Package
As a cloud hosting provider, I would like the ability to tweak the DKIM enforcement at a user level, so that the customer has more control over their inbound e-mail policy.
We have enabled DKIM enforcement on our servers to reduce spam and for the most part, all has gone tickety boo, however, now and then we get a customer who albeit should be questioning the domain e-mailing them why their DKIM Signature is incorrect. Specifically Office 365 signs everything even without a DKIM entry on the Domains DNS.
We have seen this for a lot of domains not excluding government organisations who really should know better than to half a half baked rollout of e-mail. We are looking at a workaround to provide customers who want to disable this feature at present, however, if cPanel were able to provide the functionality to allow package owners to disable and enable DKIM enforcement this would make our support teams live a lot easier.
I would suggest the following setup -
WHM Settings for DKIM Enforcement on by default --> Enabled in the package by default.
WHM Settings override disabling of feature by tweak settings --> Grey out the disable box in package
WHM Settings Disable DKIM Enforcement --> Feature does not appear in the control panel whilst not enabled at a global level.
I am sure we are not the only host getting these questions who have decided to follow best practices, we ourselves have rolled out DMARC, DKIM and SPF as standard (Using the DNS Templates) centralised at a domain ensuring we tick all of the boxes with our own outbound mail cluster which also blocks and prevents spam leaving the network.