DKIM Filtter Issue (Possible Bug in default setup by Virtualmin)

8 posts / 0 new
Topic locked
Last post
#1 Wed, 01/05/2011 - 04:47
tuaris

DKIM Filtter Issue (Possible Bug in default setup by Virtualmin)

I recently enabled DKIM Signing using Virtualmin, I am now receiving the following errors in my mail log and many website scripts are no longer sending out mail:

Jan 5 05:41:52 pacy01 dkim-filter[18156]: A9EFE700033 no key selected for signing Jan 5 05:41:52 pacy01 postfix/cleanup[18715]: A9EFE700033: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 4.7.1 Service unavailable - try again later; from=www-data@pacy01.pacyworld.com to=XXXXXX@yahoo.co.uk

I noticed that virtualmin uses "Domain *" in the dkim-filter.conf file. That could be the source of the issue. I think it's best to list every domain in a separate file and use that instead of including all the domains by default.

I tried adding the following to the dkim-keys.conf file: *@pacy01.pacyworld.com:pacy01.pacyworld.com:/etc/pacyworld

It fixed some messages except for the ones send by "www-data". Unfortunately, this file get rewritten every time a new mail domain is added.

Sat, 01/08/2011 - 00:48
tuaris

Please look at the correct setup for multiple domains:

http://www.unibia.com/unibianet/systems-networking/how-setup-domainkeys-...

Their is no need to specify "Domain *" in the /etc/dkim-filter.conf file.

Anyone having trouble with the virtualmin setup should comment out the above line

/etc/dkim-filter.conf:

...
#Domain *
KeyFile /etc/dkim.key
Selector pacyworld
...

Then /etc/inid.d/dkim-filter reload

Fri, 03/18/2011 - 11:57
jmunjr

I found the conf file at /etc/mail/dkim-milter/dkim-filter.conf

To restart use /etc/init.d/dkim-milter reload - (not filter)

It seems to work. There is no way this can affect the system negatively?

Thanks

Mon, 01/31/2011 - 16:26
zonez

The ''Domain *" line gets uncommented everytime a new domain is added or changed.. Is there any way to prevent this from happening?

Sat, 03/05/2011 - 15:42
Hal9000

Yeah same problem here... was working fine on Debian 5.0 but on Debian 6.0 I need to comment that Domain * line out. If it gets uncommented on every domain addition I guess I will have to disable the DKIM service for the time being.

Mon, 03/14/2011 - 11:46
rodrigoderteano

I can also confirm this behavior in debian squeeze.

To fix it for now, I made a backup of dkim-filter.conf with the uncommented line and created a small script like this:

!/bin/bash

cp /etc/dkim-filter.conf.bckp /etc/dkim-filter.conf

/etc/init.d/dkim-filter restart

and let it run after domain creation or update -> system settings / virtualmin configuration / Actions upon server and user creation

Mon, 03/14/2011 - 11:46
rodrigoderteano

I can also confirm this behavior in debian squeeze.

To fix it for now, I made a backup of dkim-filter.conf with the commented line and created a small script like this:

!/bin/bash

cp /etc/dkim-filter.conf.bckp /etc/dkim-filter.conf

/etc/init.d/dkim-filter restart

and let it run after domain creation or update -> system settings / virtualmin configuration / Actions upon server and user creation

Sat, 03/19/2011 - 13:29
AskewDread

can also confirm this... can this be fixed in the next release?

Topic locked