DKIM not working / not signing

After enabling DKIM in Virtualmin/Email Settings/DomainKeys Identified Mail emails are still not signed.

dkim service is running and on right port. Postfix config is also right.

I tried every fix what I found here on forums and on stackoverflow but nothing works. This is serious bug I think.

Status: 
Needs work

Comments

Howdy -- I wasn't able to reproduce a problem on my test server with DKIM, and other than yours we haven't been receiving reports of problems with it.

While it is possible there could be a bug, there's other explanations too. Our suggestion would be to troubleshoot the issue by creating a new thread in the Forums, and if it's determined that there's a bug, we can look deeper into it at that point.

I tested today with new clean install of Debian 9. It 100% not signing emails.

Status:
Active
»
Needs work

I found it! There is problem with autoconfig. Postfix is configured to port 8891, but dkim is listening on socket! I changed dkim to listen on 8891@localhost and emails are signed now

I encountered this problem too on fresh Ubuntu 18.04. Editing /etc/opendkim.conf to listen to 8891@localhost solved the problem.

Ilia's picture
Submitted by Ilia on Tue, 01/14/2020 - 03:54

Assigned: Unassigned »

I will assign this to Joe for re-view, as possibly there is something that install.sh script could do something about it.

I have just installed a fresh Ubuntu 18.04 then installed Virtualmin. The problem happened again. However, I have more information.

The install.sh script has nothing to do with it. Because opendkim is not installed by the install.sh script. It's installed when you go to "Email Settings > DomainKeys Identified Mail" then press "Install" then "enable" it.

The command apt-get -y -f install opendkim will be executed. Then this message will be shown:

Configuring mail server to use DKIM filter

The /etc/opendkim.conf will be created with those lines:

#Socket                  inet:8892@localhost
Socket                  local:/var/run/opendkim/opendkim.sock


Also those lines will be added to /etc/postfix/main.cf:

smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891


So, to correct the problem you have to edit /etc/opendkim.conf like this:

Socket                  inet:8891@localhost
#Socket                  local:/var/run/opendkim/opendkim.sock


Then restart opendkim.

Ilia's picture
Submitted by Ilia on Wed, 01/15/2020 - 07:39

Thanks for sharing details! I think it will be useful for future readers but in fact, it looks like OpenDKIM package (on Ubuntu) problem itself.

Ilia's picture
Submitted by Ilia on Wed, 01/15/2020 - 16:57

Assigned: »

I have taken a closer look on clean Ubuntu 18.04 install and it appears that OpenDKIM's config, by default listens for milter connections on:

Socket local:/var/run/opendkim/opendkim.sock

..while nothing added automatically to Postfix.

When you run Email Settings/DKIM and enable it, it's getting configured the way you described.

It appears as a bug (overwatch), as at certain point Ubuntu 18 seems to be switched to using listening on socket rather than on interface.

Thanks for reporting, I will pass it to Jamie for review and a fix. Jamie, have a look at the attached screenshot.

This one should be fixed in the next Virtualmin release, although it may require disabling and re-enabling DKIM in Virtualmin.