DKIM signing for all domains


Up to date Virtualmin on up to date Debian 9 : Webmin version 1.883 Usermin version 1.741 Virtualmin version 6.03

All outgoing mails are signed whatever the from domain is.

This is because the Domain directive in opendkim.conf is beign ignored as states the opendkim.conf (5) man page :

   Domain (dataset)
          A set of domains whose mail should be signed by this filter.  Mail from other domains will be verified rather  than  being

          This  parameter  is  not  required if a SigningTable is in use; in that case, the list of signed domains is implied by the
          lines in that file.

          This parameter is ignored if a KeyTable is defined.

Additionnaly all emails have a double signature. But this is another issue and I couldn't find why at the moment.

Best Regards, Xavier



Is there a SigningTable entry in opendkim.conf , and if so what domains are in the file that it points to?

Hi Jamie,

Thank you for your answer.

Here is the configuration details you asked for :

In /etc/opendkim.conf : SigningTable refile:/etc/dkim-signingtable KeyTable /etc/dkim-keytable

In /etc/dkim-signingtable : * default

In /etc/dkim-keytable : default %:manxgo2018:/etc/dkim.key

The domains to sign for are in /etc/dkim-domains.txt

I tested on 3 different recent servers. The default installation always lead to this configuration.

Best regards, Xavier

As a quick fix, try removing refile: from that SigningTable line.

Hi Jamie.

Actually, event without "refile:" it keeps double signing outgoing emails for all domains.

Regards, Xavier