Skip to main content

Questions tagged [opendkim]

Open source implementation of the DKIM (Domain Keys Identified Mail). The capabilities include signing and verifying DKIM signature of the email.

Filter by
Sorted by
Tagged with
21 votes
8 answers
19k views

Can't change OpenDKIM socket in Debian stretch in /etc/default/opendkim

I am trying to set up opendkim on Debian stretch but I fail at changing the socket. I want to change the socket to /var/spool/postfix/opendkim/opendkim.sock so I can use it with postfix. I have added ...
lw1.at's user avatar
  • 691
11 votes
4 answers
24k views

Is _ (underscore) illegal in a CNAME record?

We're having trouble creating the long TXT record for the DKIM key on the web interface on our hoster. Each line can only accept 256 characters. We tried multiple lines, then tried adding (" at the ...
Lenne's user avatar
  • 1,009
11 votes
4 answers
26k views

Postfix - Opendkim - Unable to connect to local socket

I am getting denied errors when postfix tries to connect to the unix socket for opendkim, actual error: Sep 24 15:41:43 service-a-4 postfix/cleanup[17414]: warning: connect to Milter service unix:var/...
Mike Purcell's user avatar
  • 1,738
10 votes
4 answers
44k views

no signing table match in OpenDKIM

I have OpenDKIM installed on CentOS. I am using postfix as MTA and dovecot for IMAP/POP3. Now the problem is am trying to setup DKIM for my domain. The mails are send from a sub domain mail.example....
Amal's user avatar
  • 301
10 votes
1 answer
14k views

OpenDKIM not signing mail

So I'm having trouble with getting OpenDKIM to sign my messages, but I'm hitting a wall as to what might causing it: On Debian Jessie, with Postfix and OpenDKIM. My /etc/opendkim.conf: Syslog ...
anark10n's user avatar
  • 163
9 votes
4 answers
25k views

postfix: milter-reject: END-OF-MESSAGE from ...: 4.7.1 Service unavailable (opendkim)

I configured OpenDkim to work with postfix and I'm getting the following error when I try to send mail out: postfix/cleanup[11542]: 40F271A291A: milter-reject: END-OF-MESSAGE from ***[***]: 4.7.1 ...
Chazy Chaz's user avatar
9 votes
1 answer
20k views

Connect to Milter service unix:/var/run/opendkim/opendkim.sock: No such file or directory

I've just been moving a postfix mail server to a different box, and I'm having trouble getting postfix to talk opendkim via a unix socket. The opendkim socket is located at /var/run/opendkim/opendkim....
starbeamrainbowlabs's user avatar
9 votes
1 answer
12k views

opendkim-testkey: key not secure

I set up Opendkim milter to work with postfix on my machine. Now email is signed & verified correctly i.e. email source code shows DKIM-Signature header. TXT record on the authorative dns is set ...
71GA's user avatar
  • 403
9 votes
2 answers
11k views

DKIM not signing with alias addresses - not internal, not authenticated

I have postfix, dovecot, opendkim and postsrsd installed. I am trying to forward mail from [email protected] to [email protected], and have them signed with DKIM. I use postsrsd in order for the SPF ...
user2370460's user avatar
9 votes
1 answer
8k views

opendkim-testkey: key not secure, but dnssec is ok

I'm trying to setup opendkim, but I get this result: # opendkim-testkey -vvvv -d my.example.com -s 201702 opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: checking key '...
Lenne's user avatar
  • 1,009
8 votes
1 answer
14k views

OpenDKIM not signing outgoing mail

I'm trying to setup OpenDKIM on my mailserver running Debian and Postfix. This is the configuration I've done: Generated two keys (for two domains I need to send mail for) Configured KeyTable, ...
Compizfox's user avatar
  • 404
6 votes
1 answer
10k views

1024 or 2048 bit keys for DKIM?

Referencing this: https://crypto.stackexchange.com/questions/72297/recommended-key-size-for-dkim What I get from this is (at the time) DNS providers (usually) allow for up to 1024 bit keys but not ...
Tyler Montney's user avatar
6 votes
1 answer
2k views

opendkim configuration not loading properly

When moving from Ubuntu 12.04 to 14.04, opendkim no longer starts with the same config I had prior. Any item I have in /etc/default/opendkim shows up as "not found" when booting. /etc/init.d/opendkim:...
stagl's user avatar
  • 161
6 votes
1 answer
9k views

opendkim fail | bad RSA signature | verification failed unprotected key

I have fully manageable VPS running Ubuntu 14.04 which hosts websites for several domains. Recently I have tried to add DKIM signatures to avoid spam filters. I've followed ubuntu-postfix-dkim ...
Matúš Makač Mačák's user avatar
5 votes
2 answers
9k views

OpenDKIM errors

When sending mail, Outlook errors 4.7.1 Service unavailable - try again later. I have installed postfix, dovecot and openDKIM, but OpenDKIM is giving me errors: Mar 30 10:19:32 x opendkim[16762]: can'...
WMRKameleon's user avatar
5 votes
1 answer
964 views

Why doesn't dkim sign the letter?

I have configured DKIM: Dec 27 11:10:03 mailer opendkim[378]: OpenDKIM Filter v2.11.0 starting (args: -x /etc/opendkim.conf) Dec 27 11:10:10 mailer postfix/postfix-script[551]: warning: symlink leaves ...
Oleksandr's user avatar
  • 161
5 votes
1 answer
3k views

OpenDKIM generates 2 keys

I've followed instructions to set up spf and DKIM on my mailing server. SPF is working fine so far, however I am having problem with DKIM. In every single instruction website, they show the output ...
b0xed's user avatar
  • 53
5 votes
2 answers
3k views

can I use multiple selectors for opendkim?

I have 4 domains hosted on a single server. Should I use 4 separate dkim keys or one for all of them? Also as far as selectors go do I need to use the one specified in opendkim.conf or can/should I ...
Marcin Kozyra's user avatar
4 votes
2 answers
13k views

opendkim error loading key

I am having a hard time in debugging this error: Syslog: Apr 24 06:18:08 abcex opendkim[24223]: abcex: key data is not secure: /etc/opendkim/keys/abcex.private Apr 24 06:18:08 abcex opendkim[24223]: ...
Optionfan Bob's user avatar
4 votes
1 answer
5k views

OpenDKIM ignoring hostnames and domains in trusted hosts file

According to http://opendkim.org/opendkim.conf.5.html, the ExternalIgnoredHosts and InternalHosts options support the same format as the PeerList option as follows: The set should contain on each ...
Bunny's user avatar
  • 101
4 votes
1 answer
4k views

Valid DKIM signature ramdomly fails to validate

The scenario: I have a couple email servers running on Debian behind a firewall, a public IP and I have properly setup my DNS records (MCX, DMARC, DKIM, SPF). This is an example of my DNS records (...
Solrac's user avatar
  • 458
4 votes
2 answers
6k views

Milter (opendkim): error connecting to filter: Connection refused by localhost

I'm on Ubuntu 16 LTS, trying to sign mail with opendkim and I'm getting: $ tail /var/log/mail.err ... Milter (opendkim): error connecting to filter: Connection refused by localhost I have sendmail ...
Jeff Kaufman's user avatar
4 votes
1 answer
2k views

opendkim-testkey returns "invalid data set type", while if I specify domain and selector I got "Key OK"

I'm having the problem that opendkim testkey returns error "invalid data set type" unless I pass the domain and the selector to the command. Why does it happen? Details below: Without domain and ...
Mladen Adamovic's user avatar
4 votes
1 answer
2k views

How to validate opendkim generated RSA keys

I'm trying to diagnose OpenDKIM validation errors (see this question). Way down in the belly of the beast, I'm at the point where I'm trying to make sure the keys generated are actually correct. I'm ...
philolegein's user avatar
4 votes
2 answers
3k views

Postfix not communicating with opendkim

I want to setup automatic signing with DKIM for all outgoing emails. This ir virtual private server and hosts a single website. I have tried lots of tutorials on how to implement dkim email signing, ...
Deniss Kozlovs's user avatar
4 votes
2 answers
4k views

OpenDKIM query timed out (even with opendkim-testkey and Nameservers set)

I try to set up a mail server on Debian with opendkim and opendmarc When I receive an email, SpamAssassin refuse it because opendkim can't do the DNS query I tested with opendkim-testkey command, ...
Tarkok's user avatar
  • 61
4 votes
1 answer
2k views

postfix relay with opendkim

i'm using opendkim + postfix as a MTA for my website , everything is working: mail are signed by DKIM , gmail mark them as "pass" the issue is when i'm using this config as a relay from another vm ( ...
vandel's user avatar
  • 63
4 votes
3 answers
3k views

OpenDKIM permission denied [duplicate]

I have installed opendkim on CentOS 6 and set the TemporaryDirectory to /var/tmp in the opendkim.conf configuration file. After restarting the service and trying to send an email I get an error in the ...
seyfe's user avatar
  • 151
3 votes
4 answers
868 views

How destination mail server can know the DKIM selector

It is possible to set a "subdomain" in DKIM DNS record name. This "subdomain" is called a selector. It allows to have multiple DKIM keys for the same domain. There is something I ...
Bob5421's user avatar
  • 429
3 votes
1 answer
5k views

OpenDKIM milter with Postfix

I just configured opendkim and postfix and it is supossed to be signing my emails but it doesn't. I used /usr/sbin/opendkim-testkey to test the keys and it seems to be ok with them but the mails I ...
Asier Paz's user avatar
  • 133
3 votes
1 answer
6k views

OpenDKIM won't start: "opendkim: milter socket must be specified"

I'm trying to setup a server using postfix, dovecot, amavis and opendkim for signing. OpenDKIM won't start, here is the output of journalctl -xe, after stopping and starting opendkim: Jul 21 21:54:17 ...
UnlegitApple's user avatar
3 votes
2 answers
4k views

Route53 DNS and DKIM/TXT

I've been trying to set an openDKIM public key as a TXT record within the Route53 hosted zone for my domain. The record is mail._domainkey .zewtie.io but, however I enter the public key in the ...
Paul Browne's user avatar
3 votes
1 answer
519 views

How to make postfix sign non-delivery notifications with DKIM?

I have set up my "postfix" server to sign outgoing messages with DKIM and verified that it works correctly for SMTP users using authentication. However, "non-delivery notifications"...
mist's user avatar
  • 33
3 votes
1 answer
810 views

OpenDKIM's UNIX socket and permissions for "others"

Postfix installation procedure created a system user postfix and it's primary group postfix while installation procedure for OpenDKIM created a system user opendkim and it's primary group opendkim. To ...
71GA's user avatar
  • 403
3 votes
2 answers
4k views

OpenDKIM / Postfix sign console-sent mail, but not from a mail client / SMTP

I have Postfix running on a Debian 9 machine, and installed opendkim (both from the Debian repositories). The milter socket/connection is inet:localhost:8892, and the iptables firewall allows that ...
Cal-linux's user avatar
  • 175
3 votes
1 answer
4k views

Sendmail authenticating with DKIM but Roundcube is not authenticating

So I have set up the mail server, Roundcube, and Sendmail both work as expected. but many of my emails were going to spam in Gmail and others, so I was setting up the DKIM auth and it was successful. [...
Ryan Vogel's user avatar
3 votes
1 answer
777 views

Deprecation of RSA-SHA-1 in DKIM keys?

I recently noticed that opendkim on my mail server is objecting to DKIM signatures from a client, saying their key is insecure. It may be that that's due to lack of secure DNS (confirmation?) but I ...
mc0e's user avatar
  • 5,941
3 votes
2 answers
3k views

OpenDKIM - cannot determine host's domain name, so skipping default key generation

I've just set up OpenDKIM on my CentOS 6 server but keep getting the following warning each time I start the service: Cannot determine host's domain name, so skipping default key generation. I have ...
Zishan Neno's user avatar
3 votes
1 answer
654 views

Exim Unable to Read DKIM Key

Exim is spitting out (what looks like) a privilege error: # tail -n1 /var/log/exim/paniclog 2021-11-15 16:38:35.955 [682275] 1mme43-002rUN-QV unable to open file for reading: /etc/opendkim/keys/...
frankplow's user avatar
  • 131
3 votes
0 answers
2k views

Cannot start opendkim service, but command line works fine

Good morning.. I've read about 15 different guides on setup with DKIM and Sendmail signing on ubuntu 18.04 and for some reason I cannot get the service to start, yet command line works fine /etc/...
Dennis's user avatar
  • 31
2 votes
1 answer
4k views

OpenDKIM reports "signing table references unknown key" (CentOS 8)

I'm attempting to configure OpenDKIM with PostFix on CentOS 8. I've set the following in /etc/opendkim.conf: PidFile /run/opendkim/opendkim.pid Mode sv Syslog yes SyslogSuccess yes LogWhy yes ...
James Shields's user avatar
2 votes
2 answers
2k views

Opendkim doesn't sign emails sending from external clients

I've setup opendkim with my sendmail and it looks like everything works correctly, but it signs only those messages that sent locally (from webmail client or automatic subscriptions). when I try to ...
heximal's user avatar
  • 175
2 votes
2 answers
801 views

Add Multiple Subdomains In Signing Table And Key Table Opendkim

I need some major help adding multiple subdomains in the signing table and key table for opendkim without listing them one by one. If I have 50 subdomains I want to add, it will take me forever. I am ...
Digital Joe George's user avatar
2 votes
1 answer
203 views

How OpenDKIM decides which emails to sign?

In OpenDKIM, what domain does it consider to use when comparing to internal hosts? Do it consider the domain of Return-Path (i.e. envelope MAIL FROM's domain) or header From or HELO's domain.
Ayush Gupta's user avatar
2 votes
1 answer
3k views

Is DKIM/ARC working properly on my Mailman server?

I've set up a Mailman 3 server with Postfix. I've configured Postfix to add DKIM headers using OpenDKIM and a test email from that server to a Microsoft-hosted email address suggests that DKIM is OK: ...
Philip Colmer's user avatar
2 votes
1 answer
1k views

OpenDMARC with multiple MX: correct setup for trust between servers

There are many tutorials on how to setup OpenDMARC on your favorite flavor of Linux, but they all focus on single server configurations. My goal was to keep backup secondary MX servers, but enforce ...
Esa Jokinen's user avatar
  • 50.2k
2 votes
1 answer
2k views

Postfix not triggering OpenDKIM milter

I've been trying for a long time to start signing mail sent via postfix with opendkim. Looking at the logs, it looks like zero attempt is made to communicate with postfix: Aug 4 20:59:59 localhost ...
thisguyheisaguy's user avatar
2 votes
1 answer
275 views

OpenDKIM - How can I set these signing options in the conf file

I followed this guide for opendkim, and I wondering how to set the following options in the conf file: Signature expiration (x) creation time (t) standard headers to be validated (h=) body signature ...
Vnge's user avatar
  • 195
2 votes
1 answer
288 views

Postfix / OpenDKIM config on Centos8

I've setup Postfix with Dovecot as an integrated mail service for my SaaS app, it worked great as an inbox. The issue started when I started to send emails, it was not signed so I went ahead and ...
Marius Terblanche's user avatar
2 votes
1 answer
4k views

Opendkim: fail (signature doesn't verify)

I had generated my public and private key using opendkim-genkey: opendkim-genkey -s mail -d example.com It is supposed to be linked in the KeyTable file: /etc/opendkim$ cat KeyTable mail._domainkey....
Cod1ngFree's user avatar