Submitted by santiazpi on Mon, 02/24/2020 - 12:08 Pro Licensee
Hi,
I have set up my email from newearth.foundation to go out with DKIM - see screenshot of Virtualmin settings.
Then I have configured the corrresponding DNS entry that checks correct (I use cloudflare) Here is the result of https://www.dmarcanalyzer.com/dkim/dkim-check/
But still my emails are aparently not being signed: https://www.mail-tester.com/test-tu5zoxdav
What am I missing?
Thank you
Status:
Closed (fixed)
Comments
Hi,
Have a close look at this detailed Troubleshot Delivery tutorial. Additionally, check your MX records and make sure that the DKIM record on your local DNS for this domain is valid, by going to Webmin > Servers > BIND DNS Server > newearth.foundation > Edit Zone Records File.
Setting up and configuring Cloudflare is not something Virtualmin support should do.
It's expected that locally DKIM service is running and configured properly with Postfix.
I remembered that there was a bug in Ubuntu 18.04. You can find a fix and explanations here.
Submitted by santiazpi on Mon, 02/24/2020 - 21:58 Pro Licensee Comment #3
Hi Illia,
Your first comment related to zones and cloudflare is not very relevant, as my screenshots were intending to proof: DNS is not the problem. The problem is more toward what you point on your second idea.
Unfortunately the fix and explanations did not work, I found more and similar details here, and I even tried the reverse approach pointed to here
In all occasions the problem remained:
warning: connect to Milter service inet:localhost:8891: Connection refused
I will add that inasmuch as I like learning, this issue is getting to be all a bit above my head, so I will frankly appreciate if you can keep pointing me in the right direction to finish solving this issue
TL;DR The previous fix for dkim issues on 18.04 is not working here, can you help me further investigate and fix the issue?
What is the output of
If there is no OpenDKMI on the output, it means that it listens on the domain socket, rather than specific interface. Go ahead and fix that by editing
/etc/opendkim.conf
and commenting out currently enabled line containing Socket and replacing it with:Socket inet:8891@localhost
This is what
smtpd_milters
on Postfix currently expecting.Submitted by santiazpi on Tue, 02/25/2020 - 11:45 Pro Licensee Comment #5
Thanks for that Ilia!
This is what I got,
n# netstat -lnptu |grep dk
tcp 0 0 127.0.0.1:8892 0.0.0.0:* LISTEN 1586/opendkim
and soon enough realized 8892 <> 8891!
Just changed to the correct port at
/etc/opendkim.conf
, restarted the dkim service and we are nowhappily signing emails now!I wonder how that mistake got introduced...
In any case, the issue is now fixed (and I learned a bunch in the process)!
Submitted by santiazpi on Tue, 02/25/2020 - 11:45 Pro Licensee Comment #6
I am very glad you have it working and that you have learnt something new.
Have a great day!
Submitted by IssueBot on Tue, 03/10/2020 - 13:56 Comment #8
Automatically closed - issue fixed for 2 weeks with no activity.