Hello Ive some Problems with openDKIM and DKIM-Result: permerror (no key).
AT first, i have test this. all was ok, but if i config dkim and activate it, he delets the 127.0.0.1 nameserver and virtualmin, says in check configuration this as error. so ive deactivate dkim and reconfigurte bind. all works. but at moment i have activite dkim. and configure it with new key. i have wait 12 hours for the sedcond test. but dkim fails... permerror (no key)
in config the kay is present. and in virtualmin domains config also.... But its not working.
I cant reinstall the server to make all from scratsch, because we host some webpages for an community... and on the server runs an ts server...
Is there an other way to fix the situation?
If yes. what did you need from me...
Comments
Submitted by MonkeyOnKeyboard on Sun, 01/13/2019 - 01:21 Pro Licensee Comment #1
Submitted by JamieCameron on Sun, 01/13/2019 - 15:01 Comment #2
That's unusual, because the setting up of DKIM shouldn't effect DNS nameservers at all.
Is it the nameservers in
/etc/resolv.confthat are being incorrectly updated?Submitted by Jfro on Mon, 01/14/2019 - 06:20 Comment #3
Make backup of the / those config files before, and compare them afterwards.
Please post output result here.
Submitted by MonkeyOnKeyboard on Tue, 01/15/2019 - 14:02 Pro Licensee Comment #4
So i have reinstall the server. but more errors still before.
I putt my screenshots after this.... I need help by the configuraten of the server viawebmin.. i think here is all confused
Pictures from some cconfigurations and tests
please cann anybody help me.. to configureat my system...
Submitted by MonkeyOnKeyboard on Wed, 01/16/2019 - 11:39 Pro Licensee Comment #5
I think. ive found the errors. i look at /var/named config for domains. and i found my old plesk config files for virtual hosts. the new one is in my post otherthere in google drive...
here is the old plesk one.
named.conf
zone "r1sing.de" {
type master;
file "r1sing.de";
allow-transfer {
193.30.120.159;
common-allow-transfer;
};
};
zone "markus-bastelstube.de" {
type master;
file "markus-bastelstube.de";
allow-transfer {
193.30.120.159;
common-allow-transfer;
};
};
acl common-allow-transfer {
none;
};
config of one of my domains
$TTL 86400
@ IN SOA ns1.r1sing.de. EMAIL (
2018091202 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
10800 ) ; Minimum
r1sing.de. IN NS ns1.r1sing.de.
r1sing.de. IN NS ns2.r1sing.de.
tactics.r1sing.de. IN A 193.30.120.159
runningfile.r1sing.de. IN A 193.30.120.159
inliebegehuellt.r1sing.de. IN A 193.30.120.159
clantools.r1sing.de. IN A 193.30.120.159
r1sing.de. IN A 193.30.120.159
webmail.r1sing.de. IN A 193.30.120.159
mail.r1sing.de. IN A 193.30.120.159
ipv4.r1sing.de. IN A 193.30.120.159
ns2.r1sing.de. IN A 193.30.120.159
ns1.r1sing.de. IN A 193.30.120.159
ftp.r1sing.de. IN CNAME r1sing.de.
www.r1sing.de. IN CNAME r1sing.de.
r1sing.de. IN MX 10 mail.r1sing.de.
_domainkey.r1sing.de. IN TXT "o=-"
default._domainkey.r1sing.de. IN TXT "v=DKIM1; p=KEY;"
_dmarc.r1sing.de. IN TXT "v=DMARC1; p=none"
r1sing.de. IN TXT "v=spf1 +a +mx +a:v22018075453669884.bestsrv.de -all"
So i think virtualmin has problems with semi virtual root servers. and creating of virtual domains and there nameserver entrys.
i will test tomorrow the changes of the config files and will see, if it work.
Submitted by Jfro on Wed, 01/16/2019 - 12:19 Comment #6
For markus.. i found also on/for that ip /domain: These machines are also used by markus-bastelstube.de. They seem to be managed by a third party:
root-dns.netcup.net 46.38.225.225root-dns.netcup.net 2a03:4000:0:1::e1e1
second-dns.netcup.net 37.221.199.199
second-dns.netcup.net 2a03:4000:2:24b::c7c7
third-dns.netcup.net 188.68.63.68
third-dns.netcup.net 2a03:4001:0:106::3f44
don't know or that should be right?
other nameserver ip as out of your print for resolv 46.38.225.225 ( is the one out of soa root-dns.netcup.net) versus 46.38.225.230 in yours
https://mxtoolbox.com/SuperTool.aspx?action=https%3a%2f%2fmarkus-bastels...
Submitted by MonkeyOnKeyboard on Wed, 01/16/2019 - 12:41 Pro Licensee Comment #7
thanks, but i dont know, that i must change at all.